4d660ff9b35b0c9a5c1f7fbffa2608b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d660ff9b35b0c9a5c1f7fbffa2608b7_JaffaCakes118
Size

141KB
MD5

4d660ff9b35b0c9a5c1f7fbffa2608b7
SHA1

0dbf22065754a2fd99553f7c72498ca062a57ec8
SHA256

005d16a0e7bc98933ccfbc0f8bd0a874d1e0dce9743289b0660555e1a660306c
SHA512

870a6c0ce3cce2ca9518ae4d9f6dd19cfdf357e6a3bef0c571f6de795f8a425db20c0ed7df47551c07c52db4f79982d2a8fbd6e3c4c0f88724e16f152a458601
SSDEEP

3072:xPG4Uk/w75dfV2qSFoqiwLAbmPgJvA0TcD5wrCQ:AvkU5dfUqSUbFvAkqmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d660ff9b35b0c9a5c1f7fbffa2608b7_JaffaCakes118

Files

4d660ff9b35b0c9a5c1f7fbffa2608b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f9779ecc29e9d194b474c6a1ebbd010

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
RtlUnwind
SetUnhandledExceptionFilter
UnmapViewOfFile
lstrcmpiA

user32

ShowCaret
LoadIconA
LoadBitmapA
DrawStateA
CreateMDIWindowA
CharToOemBuffA
CharToOemA
DrawTextA

advapi32

LsaCreateTrustedDomainEx
LsaGetRemoteUserName

msvbvm60

__vbaCheckTypeVar
__vbaAryUnlock
__vbaFileSeek
__vbaCyAdd
__vbaError
__vbaEnd
__vbaCyMul

dinput

DirectInputCreateA
DirectInputCreateEx

Exports

Exports

Swa
Wacommce

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ