338041c33bb57c0e4135b80bf0694270_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

338041c33bb57c0e4135b80bf0694270_JaffaCakes118
Size

145KB
MD5

338041c33bb57c0e4135b80bf0694270
SHA1

9cf586bb5239e9574d6c8cd99a043a9bafdd6db4
SHA256

57a680aefa450384357cbce6fcc9ada5f724705db0400bb2747253973b353d4a
SHA512

db3f5d51bfd9fce482112f5b122d87140e79fb2df10c526ae4b9e66def65edd988585e79daf4ffd432ef676e1141abec90318fb488297abd84590b2f37f3f70d
SSDEEP

3072:XNK7QU8ExWWgXWPwWUHA3iGylXiNBBbyhQB52N2AeRRCFg0PYkByg:U7QQxvDkHAfoXLhQB52QRnv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338041c33bb57c0e4135b80bf0694270_JaffaCakes118

Files

338041c33bb57c0e4135b80bf0694270_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f9779ecc29e9d194b474c6a1ebbd010

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
RtlUnwind
SetUnhandledExceptionFilter
UnmapViewOfFile
lstrcmpiA

user32

ShowCaret
LoadIconA
LoadBitmapA
DrawStateA
CreateMDIWindowA
CharToOemBuffA
CharToOemA
DrawTextA

advapi32

LsaCreateTrustedDomainEx
LsaGetRemoteUserName

msvbvm60

__vbaCheckTypeVar
__vbaAryUnlock
__vbaFileSeek
__vbaCyAdd
__vbaError
__vbaEnd
__vbaCyMul

dinput

DirectInputCreateA
DirectInputCreateEx

Exports

Exports

Swa
Wacommce

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ