5fb93d61bc8ec49517f52465dbf78eb3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fb93d61bc8ec49517f52465dbf78eb3_JaffaCakes118
Size

524KB
MD5

5fb93d61bc8ec49517f52465dbf78eb3
SHA1

925061d738550a24ad74ebd7e4c5305020a84cae
SHA256

59a9f9cfacc2e39eee39def3a891cfd7676dc54bb59ef68baa13622ff6c24f0f
SHA512

d30e0ed16f6911f1818f960e005ae8e507429776da0d4b6f3d5a197038cd7dbbc59995d8e71dc92992e2927e986ad631485219dd43e7bd983ccf2cb2a2f9c6d5
SSDEEP

1536:wuZfHy5GTqq/KviWjrg2DJ/oEz4FTPNHjcGOu+XsIbFSCKfX:rZfHyAvAi48EJ/oEU+GsX7xS7fX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb93d61bc8ec49517f52465dbf78eb3_JaffaCakes118

Files

5fb93d61bc8ec49517f52465dbf78eb3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44dc06401a6f13316284c47ad4fad48d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

GetFTime
GetFDate8
BCGetFileSize
szTmpBuf
StrToUpper
ZBCLASTCHR
FormatDate
ZENDFIL
GetDBStruct5
ZMAXREC
DBXISAMExvInterpreter
iDBXError
DBXAccess
DBFILEINFO
RADDR
ANNOEXT
TruncDecimal
BcxExit
DBClose
DBDatabase
FreeLocalData
pvTerminateProgram
AllocLocalData
SetExEuro
FormatNumber
pFrmtBuffer
VARLIST
TABOffset
RPEE
RFLV
RPED
CheckProto
FormatDouble
GetPartOfString
GetDirFileInfo2
ZBCERR
WS
GR
PHT
ComposeFileName
ZapDBStruct3
BCRound
SearchString
WriteDBStruct6
CallDllFunction2
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
pInfoExe
ZMINVERUX
pszCurrentModule
PHB
AddSl
SkipRightBlk
StrAdd
MakeDirectory
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
BcMain2
CallBCFunction

bc32ui

ZVIDRESTORE
InsertColGrid9
DefineTVString
DefineButtonGrid5
DefineCellGrid15
InsertRowGrid9
ZGRIGA
DefineVarsEx2
InsertVarsEx2
ExitWindow
ExitTerminateProgram
WgsInitData
RCCHAN
DBRemoveVars
EntryTerminateProgram
ExitInitProgramData
RRA
RIF
KYM
RI
cColsRI
cRowsRI
EntryInitProgramData
CANVID
SetEditConditions3
SetFuncKeyHide
SetCellConditions4
ZGCOL
DBDefineStructs
DBCreateVars2
DefineResource
pszDecodMessage
wKeyFlags
RTAB
RO
DefineGroupBox3
DefineButtonIvt
WgsSetEnabledKeys
WgsMessageBoxEx
ZDSELEM_TOT
GetDynamicStruct2
ZDIR_FDIM
ZDIR_FFILE
ResetVid6
EntrySub2
ZGCOL_ORDNUM
ZGCOL_ORDDIR
DefinePos4
pszID
DefineWindow10
DefineFormat
DefineLabel3
DefineEdit11
DefineGrid25
DefFuncKey3
RRI
RCI
ZDECOD
RunWindow5
ABC
ZVIDCOMPVIS
WgsRestoreInputData
ExitSub
KillDynamicStruct
TraceDebug2
DefineDynamicStruct5
szProgramName
DefineStyle4
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
GetStyle

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44dc06401a6f13316284c47ad4fad48d

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 460KB - Virtual size: 457KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 460KB - Virtual size: 457KB