2f8fa3677bc75011b95f3818706f336d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f8fa3677bc75011b95f3818706f336d_JaffaCakes118
Size

76KB
MD5

2f8fa3677bc75011b95f3818706f336d
SHA1

b1f0df451962ad3165c7f81d67bb28c6fe21a4b5
SHA256

b02c8942354bcd3d504f92e3d8dd23337b78e216fbd7dee93214c38197b7215d
SHA512

285eafa7360d7875564a32540d43187df736deb7dd1cd27f522c4f98446d1eaa59cc4d304231b21cd73984fa6f0383668c0a1d9db874f40b69ad81ae0949896b
SSDEEP

1536:fFSZXf4djN2hTWjWeWXQW4TgeYOPf8oTvvaW3FcGnLqsfL:fFSJwd4cW+DMeYOn8oTvSW3+bsfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f8fa3677bc75011b95f3818706f336d_JaffaCakes118

Files

2f8fa3677bc75011b95f3818706f336d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f055d8e077c4f3d4eb7a8407303b547d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

InsDB6
ZNOKEY
FindDB5
ZPROFIS_INSTAL
CallDllFunction2
InvertDate
InvertPeriod
DBGetQueryData8
DBBindQueryField4
DBDefQuery8
ZDBSORGENTE
CountDB3
SetExEuro
WriteDB5
CVLire
ZEXEURO
TABClosePrinting
TABCloseSettings
TABJumpRowsExt
PRINTINFO
TABWriteLineExt
TABCheckIntrExt
UpdateDB5
GetTimeExt
ZOPERATORE
WS
GetSysTime2
BcxExit
DBClose
DBDatabase
FreeLocalData
RADDR
pvTerminateProgram
AllocLocalData
FormatNumber
FormatNumBlk
pFrmtBuffer
VARLIST
TABOffset
RPEE
RFLV
RPED
CheckProto
DelDB4
CallBCFunction
SkipRightBlk
SearchString
BCRound
ZDB_VALRECORD
SetCondition
PHD
ComposeFileName
GetDB5
ZENDFIL
pInfoExe
FormatDate
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
szTmpBuf
StrAdd
TABSet
fd1
Close
DBXAccess
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
BcMain2
DefineOutputDev

bc32ui

ResetVid6
GetCellGrid2
DefineEdit11
WgsRestoreWindow
RTAB
ExitTerminateProgram
WgsInitData
RCCHAN
DBRemoveVars
EntryTerminateProgram
ExitInitProgramData
KYM
RI
cColsRI
cRowsRI
pszDecodMessage
EntryInitProgramData
CANVID
DBDefineStructs
DBCreateVars2
GetDynamicStruct2
CountDynamicStruct
DefineDynamicStruct5
wKeyFlags
RRA
RIF
RO
ABCPRB
DeleteRowGrid2
InsertVarsEx2
DefineVarsEx2
ZGRIGA
InsertRowGrid9
LoadControlStruct
DefineCellGrid15
DefineTVString
InsertColGrid9
TraceDebug2
EntrySub2
pszID
DefineWindow10
DefineFormat
DefineLabel3
DefineGrid25
DefFuncKey3
RRI
ZDECOD
RCI
DefineButtonIvt
RunWindow5
ABC
ZVIDCOMPVIS
WgsRestoreInputData
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
DefinePos4
ExitSub
szProgramName
SYSDATEXT
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
WgsSetEnabledKeys

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f055d8e077c4f3d4eb7a8407303b547d

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 916B

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 916B