060e703f2ad5a16acf81949712af4ec1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

060e703f2ad5a16acf81949712af4ec1_JaffaCakes118
Size

139KB
MD5

060e703f2ad5a16acf81949712af4ec1
SHA1

ed73c02603f41eec9c438cdf540c6d0e1e62b295
SHA256

c51f765a7238c2cb87ba169cf7471c1ce5a65c56d6db4c9cd44ddb90091ca52d
SHA512

9bb479458b41f934eb586ff6b608d9cc937488b82966be3263d8a4d4ad2b24b3efd48363d03047a6cb3000ccb93b77dbde5e3783b5a1c767fb79225603d97e3f
SSDEEP

3072:6DzKW0aCydahU6+DWbWCCmSBytQOUUwrCJy:2KzHyKBiWSHdytQyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
060e703f2ad5a16acf81949712af4ec1_JaffaCakes118

Files

060e703f2ad5a16acf81949712af4ec1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36e1aa9977f28daa7fd43b5b11e0cc2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
GetTimeFormatA
LocalAlloc
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
lstrcatA

user32

IsCharUpperA
GetDC
GetCursor
DrawIcon
SetMenuInfo
DeleteMenu
CreateIconFromResourceEx
CreateDesktopA
CharPrevA
DestroyCaret

advapi32

LsaICLookupNames
LsaLookupNames
RegEnumKeyA
RegQueryValueA
LsaGetSystemAccessAccount
LsaGetQuotasForAccount
LsaEnumerateTrustedDomains
LsaEnumeratePrivilegesOfAccount
LsaEnumerateAccountsWithUserRight
LsaEnumerateAccounts
LsaEnumerateAccountRights
LsaDeleteTrustedDomain
LsaCreateAccount
LsaGetUserName

msvbvm60

__vbaForEachCollAd
__vbaFileCloseAll
__vbaExitEachColl
__vbaExceptHandler
__vbaError
__vbaEraseKeepData
__vbaDateR8
__vbaCyUI1
__vbaCyStr
__vbaCySgn
__vbaCyForInit
__vbaCopyBytesZero
__vbaCheckType
__vbaCastObjVar
__vbaBoolVarNull
__vbaBoolErrVar
__vbaAryVarVarg
__vbaAryRecMove
__vbaAryRecCopy
__vbaCyI4

dinput

DirectInputCreateEx

Exports

Exports

Arreqblu
Bakf
Cbrmpsjq
Eh
Mhfp
Mhrfrcnmfq
Mixfwqiublx
Oelraapiyrt
Puoxv
Pyvudl
Wgyzyr
Ydcy

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36e1aa9977f28daa7fd43b5b11e0cc2e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 45KB - Virtual size: 48KB

.data Size: 69KB - Virtual size: 72KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 45KB - Virtual size: 48KB

.data
Size: 69KB - Virtual size: 72KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB