48e60a9ca7d86276d242e1281a0051e2_JaffaCakes118 | Triage

Sharing

General

Target

48e60a9ca7d86276d242e1281a0051e2_JaffaCakes118
Size

28KB
MD5

48e60a9ca7d86276d242e1281a0051e2
SHA1

512fb797deec1dd4e6f132879b3df96e26d836f7
SHA256

a74bf22e47c20c78518b9af30bf27f0d2fd44da2dbfb2f9c1a377298e91f31a0
SHA512

08a6841fe68ee9363d74544c1b4178a18663c69799b1c34c89d51f3967ba5e1095d3f00415121486ef4fe9fae483d49efd1ea910a289e56ce7c804fab30d986f
SSDEEP

384:T75JH9HFE7kv3Fhm0aP/iT8BB2onW5wfnRcB3OQ8E03HJAeWzFUKZa:3E7Ozm038vnWgnRcBeQ8rCzpUKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48e60a9ca7d86276d242e1281a0051e2_JaffaCakes118

Files

48e60a9ca7d86276d242e1281a0051e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2686c8ad4c4a01f02aa8b633a611ae3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
OpenFileMappingA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
lstrcatA
lstrcmpA

user32

EndPaint
CloseWindow
CharUpperBuffA
EqualRect

advapi32

LsaGetRemoteUserName
LsaICLookupSids
LsaLookupNames
RegEnumKeyA
RegOpenKeyExA
LsaEnumeratePrivilegesOfAccount
LsaEnumeratePrivileges
LsaEnumerateAccountRights
LsaDeleteTrustedDomain

msvbvm60

__vbaDateStr
__vbaEraseKeepData
__vbaCyUI1
__vbaCyFix
__vbaCyErrVar
__vbaCopyBytesZero
__vbaAryVarVarg
__vbaAryConstruct2

dinput

DirectInputCreateA
DirectInputCreateW
DirectInputCreateEx

Exports

Exports

Woycd
Wspkughcocw

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ