46262986c257be3035c5fecc09cd6f1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46262986c257be3035c5fecc09cd6f1b_JaffaCakes118
Size

96KB
MD5

46262986c257be3035c5fecc09cd6f1b
SHA1

ba65f642b8639d1ee7533dd10facb0b27cacab08
SHA256

7743b54c20422b08b46ce6b7c989c171308cc66d935605f15be004f37cccbe5b
SHA512

e3327116a39fdef9e7fabab62479d6054889cb20034bf67564c6cc3c3187a4109398a870d91b73e92916d1073c28972815f77d9eb8152365a65b86d2cf9116c0
SSDEEP

1536:RlSIeEJ9QY2xJGS9vdpssVXvONTgraojHm5comUSN9SJAL7QJ9R:R16XvOBgWorbNiAoJ9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46262986c257be3035c5fecc09cd6f1b_JaffaCakes118

Files

46262986c257be3035c5fecc09cd6f1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

423db1f4c284162e3e3e28b7d65ca1eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

szTmpBuf
TmpLogFile
DBCheckDBData4
PHD
DBDatabase
PHB
ZVER_CONFIG
BcxExit
DBClose
FreeLocalData
RADDR
BCGetFileSize
AllocLocalData
SetString
GetLeftChar
DefineOutputDev
GR
AddSl
GetRightChar
FormatDouble
SetExEuro
DBXAccess
DBFILEINFO
ZDBSORGENTE
WriteDBStruct6
FormatNumber
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
ANNOEXT
BcMain2
CallDllFunction2
GetLineArgs
SkipRightBlk
SetCondition
PHT
ComposeFileName
GetDBStruct5
ZENDFIL
TABCloseSettings
TABClosePrinting
FormatNumBlk
StrAdd
CloseDBStruct3
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
pvTerminateProgram

bc32ui

KYM
RI
cColsRI
cRowsRI
EntryInitProgramData
CANVID
GetStrTestDynValue
DBDefineStructs
DBCreateVars2
DefineButtonIvt
DefineEdit11
DefineComboOptions
DefineTVDouble
RIF
RRA
ExitInitProgramData
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
GetDynamicStruct2
RRI
ZDECOD
RCI
TraceDebug2
EntrySub2
pszID
DefineWindow10
DefineFormat
DefineLabel3
GetStyle
DefineGroupBox3
DefFuncKey3
RunWindow6
ZVIDCOMPVIS
WgsRestoreInputData
ExitSub
szProgramName
DefineDynamicStruct5
WgsSetEnabledKeys
WgsMessageBoxEx
ZapDynamicStruct
WgsSetDefinedKeys
WgsSetUncheckedKeys
DefinePos4
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
ABC

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

423db1f4c284162e3e3e28b7d65ca1eb

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 940B

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 940B