b537bee208e32035ed531fde206baeb0_JaffaCakes118

General

Target

b537bee208e32035ed531fde206baeb0_JaffaCakes118
Size

36KB
MD5

b537bee208e32035ed531fde206baeb0
SHA1

2fa434b682af8cc5097f93ee7a42f5fbfb184537
SHA256

0b27c91f94ce882787904a54537609e9e8f701932ee850ab8309e10e8111b524
SHA512

1a54366375cacf8131fb3d67bfb8ed9ab83eba64a7bba741ca0aaa11b99fa6e81331952b7891b3d3440053a3c2e5a6b1e472fdc9a9a68e2979d6e82eef95ea4e
SSDEEP

384:NOy2J4TLV8hAX1Eml2klzyyEcOQQ1oXh6oZ+mQRu/AQCTv:gOHV8MPymOQQoh6o2g/kTv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b537bee208e32035ed531fde206baeb0_JaffaCakes118

Files

b537bee208e32035ed531fde206baeb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeb367f334a8a9f165b811c1f1824177

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

GetArg
SkipLRBlk
SkipRightBlk
ZIDLOGPGM
PHB
GR
AllocLocalData
pvTerminateProgram
FreeLocalData
DBDatabase
DBClose
BcMain2
DBXAccess
BcxExit
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
CallDllFunction2
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE

bc32ui

TraceDebug2
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
DefinePos4
DBCreateVars2
DBDefineStructs
CANVID
pszDecodMessage
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
EntryInitProgramData

kernel32

FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FreeEnvironmentStringsW

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeb367f334a8a9f165b811c1f1824177

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 924B

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 924B