b298be9a6b21da415a58d1eb4c6a2bbe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b298be9a6b21da415a58d1eb4c6a2bbe_JaffaCakes118
Size

140KB
MD5

b298be9a6b21da415a58d1eb4c6a2bbe
SHA1

2d949df69eb423ac5c5d07b852ae820d449142cd
SHA256

09a2fe6c114467ce0b5bcec05f19bf23444196a444bc8408fa57f83621c552d1
SHA512

50b2db303e702b8809659fdf9d284c18a1b7ab2c948b4b90ae908dca3754118f7a596a9d12c354334b088ad9dd4b413eafc38bf062d2ff12420267608e7d31c2
SSDEEP

1536:LpBPp/7z8YZh1pcs8Ziu2iDs062T02ipqzNvQmdoeU3u7qcVZBZtYSW5HdQmCbTV:NBPRzpAIprsQmdoEBNZtkdsy1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b298be9a6b21da415a58d1eb4c6a2bbe_JaffaCakes118

Files

b298be9a6b21da415a58d1eb4c6a2bbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29a2477b18b3490922b99c8738e12ad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

TABOffset
RPEE
RFLV
RPED
RADDR
CheckProto
FormatNumber
PRP
pszTmpPtr
BCXGetEnv
WS
ZSYSUSERNAME
ZSYSPCNAME
VARLIST
IDS8_DBLCP
ZBCMSG
ZBCMSGEX
ZBCERR
BCGetFileSize
SaveOption2
ReadOption3
Name3
GetPartOfString
SearchString
GetLeftChar
GetRegistryValue2
pFrmtBuffer
AddSl
CheckDirectory2
Kill
ComposeFileName
InsDBStruct5
SetString
CallDllFunction2
SkipRightBlk
ZSIR
SkipLRBlk
StrAdd
AllocLocalData
pvTerminateProgram
FreeLocalData
DBDatabase
DBClose
DBXAccess
BcxExit
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
PHB
CallBCFunction
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
BcMain2
ZOPERATORE
pInfoExe

bc32ui

DefineButtonGrid5
DefineCellGrid15
DefineFormat
INSCOLGRID_PERSONALIZZABILE
INSCOLGRID_NASCOSTA
INSCOLGRID_LARGDINAMICA
INSCOLGRID_End
INSCOLGRID_LARG
INSCOLGRID_TIT
DefineTVString
INSCOLGRID_Init
DefGridToolbarButton
DefineAdvGrid15
DefineWindow10
pszID
EntrySub2
InsertRowGrid9
ZGRIGA
DeleteRowGrid3
DelDynamicStruct
ABCPRB
DefineTVDouble
SetCellGrid8
SetDynamicStruct
AddDynamicStruct
DefineButtonIvt
DefineEdit11
DefineLabel3
DefineGroupBox3
GetStyle
BlobAdd
ExecDocument3
GettingRowGrid2
ZGRIGHE_TOT
ZapDynamicStruct
DefVidWaitMsg3
FreeBlob
pszDecodMessage
wKeyFlags
RTAB
RRA
RIF
RO
SetFuncKeyHide
SetFuncKeyEnable
SetEditConditions3
SetLabelHide
SetAdvColGridConditions
DeleteWindow
DefineXMLAttr3
DefineXMLElement3
PutXMLData5
SetBrowserEdit
DefineImage6
DefineTimer
DefineStyle4
BlobMid
BlobInstr
ReadBlob
ExitWindow
ResetVid7
ZVIDNAME
KillDynamicStruct
GetXMLData4
SendEmail15
CheckMail2
DefineAdvGridEnd
DefFuncKey3
RRI
ZDECOD
RCI
RunWindow6
ABC
ZVIDCOMPVIS
WgsRestoreInputData
ExitSub
CountDynamicStruct
DefineDynamicStruct5
DefineResource
TraceDebug2
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
DefinePos4
FindDynamicStruct
GetDynamicStruct2
DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
DefineAdvGridCallConditions

bc32com

DefinePostHttpItem
PostHttp2

kernel32

ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
LCMapStringA
LCMapStringW

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29a2477b18b3490922b99c8738e12ad0

Headers

File Characteristics

Imports

bc32fn

bc32ui

bc32com

kernel32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 32KB - Virtual size: 31KB