410ab2a0e57018e37ca757a440f4f4ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

410ab2a0e57018e37ca757a440f4f4ad_JaffaCakes118
Size

36KB
MD5

410ab2a0e57018e37ca757a440f4f4ad
SHA1

8b8d6a48197e93bf48f28a27f5ca44531d90e7f8
SHA256

bb41e67b9f0d24858c09234aeafa43f503ba689edd2c0065aafb57099dde022c
SHA512

393fa5c68a9bbd1e458383ca979edd17b6411a2bd0881e323f9aaee1e56eb2e4a4ceed420b52a6a101dde7bde41524e4210b4ec06bfd31d80b4e1092ab8fe0cb
SSDEEP

768:gaVnTkNqyG1xcyEUZ1IiB916kZ4R2OhSocIjw2zjy:gaVnTkN+1xc0feI4yocITjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
410ab2a0e57018e37ca757a440f4f4ad_JaffaCakes118

Files

410ab2a0e57018e37ca757a440f4f4ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ea330d148cfb97b8c7ff364f8bdf495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

GetDate
GetTSRHandlers
ZSYSTEM
ZSRVVER
iNewFrmSpec
AllocLocalData
pvTerminateProgram
bOptimizeSearch
pszSUBProto
FreeLocalData
DBDatabase
pszCurrentModule
DBClose
GetTimeExt
FormatDate
FormatNumber
Kill
TABCheckIntrExt
ZBCMSG
SkipRightBlk
BCXGetDirList2
ZNDIR
GetLineArgs
szTmpBuf
StrAdd
DBXAccess
psArgv
iArgc
ZPREXTEND
bGetActualArgsExv
ZEXVARG
PropertiesEx
BcxExit
ZTRADVER
ZMINVER
ZMINVERUX
GetIDSInfo
ZBCERR

bc32ui

DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
RCSRCH
SearchSTR
SYSDAT
pszDecodMessage
cRowsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
ExitTerminateProgram
WgsInitData
SYSDATEXT
WgsSetEnabledKeys
WgsMessageBoxEx
WgsSetDefinedKeys
WgsSetUncheckedKeys
TraceDebug2
szProgramName
WgsStartAppThread
WgsRunMainThreadLoop
cColsRI

bc32com

OpenFtp2
MakeDirFtp
CloseFtp
PutFileFtp

kernel32

GetVersion
GetCommandLineA
GetStartupInfoA
GetProcAddress
GetCurrentProcess
TerminateProcess
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetModuleHandleA
LCMapStringA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW

user32

PostQuitMessage

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ea330d148cfb97b8c7ff364f8bdf495

Headers

File Characteristics

Imports

bc32fn

bc32ui

bc32com

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 932B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 932B