09ee3feb9e8a9687b57c758bbc9470cd_JaffaCakes118

General

Target

09ee3feb9e8a9687b57c758bbc9470cd_JaffaCakes118
Size

40KB
MD5

09ee3feb9e8a9687b57c758bbc9470cd
SHA1

36eed58cd5240ebcdfe1f1911e80d0a76ef465a0
SHA256

6b480cbf8dba6abbd541ed1dd027fda2d4132657f2b8493b4f19111b9e01a822
SHA512

d5da26fba0e80614293966097a298567ca6bc6620fe4d2f91ccb34e5b8ef472423970dbe4ad1ec9195163df4b999a509592f265a01d03aaed9ec5cbd725e5492
SSDEEP

768:RnbDkQgPKkKYhZNnLmiB9yIZvYg/HQhSoXCf7xvjl:Rn/kTPUc3nlvYCToXCfVvjl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ee3feb9e8a9687b57c758bbc9470cd_JaffaCakes118

Files

09ee3feb9e8a9687b57c758bbc9470cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e1bbd7f4ddd2de152159091724d9251

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

CallDllFunction2
GetLineArgs
SkipRightBlk
SetPrintPageParms3
PRINTINFO
TABCloseSettings
TABClosePrinting
AllocLocalData
pvTerminateProgram
BcMain2
FreeLocalData
DBDatabase
DBClose
DBXAccess
BcxExit
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
SetExEuro
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE

bc32ui

TraceDebug2
DefinePrintJob3
DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
RI
KYM
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
cColsRI

kernel32

GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e1bbd7f4ddd2de152159091724d9251

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 980B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 980B