21e5fc5672c10191ea286e56195e7d15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21e5fc5672c10191ea286e56195e7d15_JaffaCakes118
Size

32KB
MD5

21e5fc5672c10191ea286e56195e7d15
SHA1

c17977579fa4232a3930527e04048974fff5b3fb
SHA256

97c96ca8554f74b5944f44d1a506598a917c2cd7e5761449e3d2793b675d5f99
SHA512

6e454a6c78f823880255d8f9ee7293be4ba7d676d54182f3a698d2b3134093ab540173a2ab01d54ceda56c425b39850b1d340cc897ffcd5b53a862d31f31405d
SSDEEP

384:14RAmDej2LIGspQA1LmlOVhNWa3kyyhYSA5iXh6oZiWfmy:+Ru2LIGs2ahWa3kyXSA54h6o4Wfmy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21e5fc5672c10191ea286e56195e7d15_JaffaCakes118

Files

21e5fc5672c10191ea286e56195e7d15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec187e85c03c4d036d09dfbf1f891823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

PHB
ZDBSORGENTE
PRP
DBCheckDBParms2
ZDBAUT
BcxExit
ZDBSERVER
DBDatabase
FreeLocalData
pvTerminateProgram
AllocLocalData
ZDBUSER
ZDBPWD
ZDBTBLPROD
PHDB
SetConnString2
ZBCERR
ZBCMSG
BcMain2
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
GetLineArgs
SkipRightBlk
StrToUpper
SearchString
GetLeftChar
AddSl
ZSYSDIRSTART
GetAbsPath
StrAdd
CallDllFunction2
Close
DBXAccess
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
DBClose

bc32ui

DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
TraceDebug2
szProgramName
ABC
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
DefinePos4

kernel32

FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec187e85c03c4d036d09dfbf1f891823

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 932B

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 932B