a063dea2d9aae4d8cb4632d1d61ae154_JaffaCakes118

General

Target

a063dea2d9aae4d8cb4632d1d61ae154_JaffaCakes118
Size

28KB
MD5

a063dea2d9aae4d8cb4632d1d61ae154
SHA1

b049338e34ef861939ae96c17840e23e2acf46bb
SHA256

1914443e38159651544b8ac9d09148c639c4e2b521b11b872e96dee9b7a0b9aa
SHA512

abf42e20c384067ccb3c856371c5e54faed4f0704b1d361d0fdf02044396c9a4ffd433595f05a506ab2aa414a755d7cf7304e1b6050c5624009ef62ceb408f7f
SSDEEP

384:16LdtLHxV8mlO6OL/9yyMmXBsZXh6oZrr:ybxV8pyOEh6opr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a063dea2d9aae4d8cb4632d1d61ae154_JaffaCakes118

Files

a063dea2d9aae4d8cb4632d1d61ae154_JaffaCakes118
.exe windows:4 windows x86 arch:x86

512488a7150f9f36b733bd2aa5894341

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

AllocLocalData
pvTerminateProgram
FreeLocalData
BcMain2
DBDatabase
DBClose
DBXAccess
BcxExit
ZPREXTEND
bPrintFileName
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
CallDllFunction2
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE

bc32ui

DBCreateVars2
DBDefineStructs
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
CANVID

kernel32

GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
HeapDestroy

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

512488a7150f9f36b733bd2aa5894341

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 792B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 792B