34f7c8499aef094264470c79c9c6936c_JaffaCakes118

General

Target

34f7c8499aef094264470c79c9c6936c_JaffaCakes118
Size

48KB
MD5

34f7c8499aef094264470c79c9c6936c
SHA1

35711d1bbc574ec7c36696f90d7d97ae0c334e11
SHA256

4138c18a29b57479dab6e31035183fcd308e9089a85d01d951e7ffebfb4b6115
SHA512

0e1fdb7bd39ce6ab220dc05ed5c700f9ca2ff94e4316234f4a6883dbbeae318e195fb6f51fe6cb7af84e13fe72e3532293c2a383a1fcd999eedb8fe6e907b0a7
SSDEEP

768:cCwUR8S+ibLNRWn6shqeV0XZ2/PMLeQ69+x6+zEui:cPO8RiV+JV6rer+xHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f7c8499aef094264470c79c9c6936c_JaffaCakes118

Files

34f7c8499aef094264470c79c9c6936c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
EnumResourceTypesA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetDateFormatA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
InitializeCriticalSection
RtlUnwind
SetEndOfFile
SetUnhandledExceptionFilter
lstrcatA
lstrlenA

user32

GetDC
FillRect
EqualRect
EndDeferWindowPos
GetMessageA
DefDlgProcA
CreateMenu
CreateDialogIndirectParamA
ChangeMenuA
IsCharUpperA
LoadImageA
DestroyIcon

advapi32

RegOpenKeyExA
RegEnumKeyA
LsaClose
LsaCreateSecret
LsaCreateTrustedDomain
LsaDelete
LsaDeleteTrustedDomain
LsaEnumerateAccounts
LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomainsEx
LsaFreeMemory
LsaGetSystemAccessAccount
LsaGetUserName
LsaLookupNames
LsaLookupPrivilegeDisplayName

msvbvm60

__vbaFileSeek
__vbaDerefAry1
__vbaCyUI1
__vbaCyForInit
__vbaCyFix
__vbaCyAdd
__vbaCastObjVar
__vbaAryVarVarg
__vbaAryDestruct

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

Exports

Exports

Rmu
Txwrsxvrzac
Ufrrnebj
Zf

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 14KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 14KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB