cfc1137c9ee0665d970c867c2d8084fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfc1137c9ee0665d970c867c2d8084fc_JaffaCakes118
Size

44KB
MD5

cfc1137c9ee0665d970c867c2d8084fc
SHA1

11743dab4f69a508dc1bfe3eedf4e39c72714e5e
SHA256

0e139f6f3ed1afe232bf010d6a38a43bf625b20216888912fcbb6d0a4f96afaa
SHA512

d3e370b41349d352ff7b8b7db673f4bdb3aab5fb0116b659fdc4533e8124eb0dd5df609272ccdeb2051f1c1af6278a4f4d6bff48e6d0457cb749b4e013258712
SSDEEP

384:74dTF8hwOOGZkzYZwyz1mljiRiB9FxZqPO9IhSoKE9n4tYCquRGN:4p8SjGuYZw+iB97ZiOChSoHhIYCHRGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc1137c9ee0665d970c867c2d8084fc_JaffaCakes118

Files

cfc1137c9ee0665d970c867c2d8084fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21028c4a80c6de16e7be82bb739d788e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

AllocLocalData
pvTerminateProgram
FreeLocalData
DBDatabase
DBClose
DBXAccess
BcxExit
TABWriteLineExt
SetOutParmsPrinter10
ZBCMSG
SetOutDev4
szTmpBuf
TABSet
DefineOutputDev
TABCloseSettings
TABClosePrinting
GetPrinterInfo5
ZBCERR
StrAdd
GetLineArgs
BcMain2
SkipRightBlk
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE

bc32ui

DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
RTAB
EntrySub2
pszID
DefineWindow10
DefineFormat
LoadControlStruct
DefineEdit11
DefineButtonIvt
RunWindow6
ABC
ZVIDCOMPVIS
WgsRestoreInputData
ExitSub
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
TraceDebug2
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
DefineLabel3

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21028c4a80c6de16e7be82bb739d788e

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 944B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 944B