608f13662b37d3cfad55089519d2dbdf_JaffaCakes118

General

Target

608f13662b37d3cfad55089519d2dbdf_JaffaCakes118
Size

59KB
MD5

608f13662b37d3cfad55089519d2dbdf
SHA1

69ecd4d879022af2e350a17faa6763892cc53943
SHA256

7bf86e9364a72ed23c25c7cacc5f8cccb975e8c6d7ce28af33c527a2fd4c41d2
SHA512

ee4fb6ca3ed427c840dd512432fd40e8496aab8513367c131eb4b81985a3ea54b278ce7168717351da481c5d7cfcfcba355d520bc71cc1db163c9b2ddcb35c46
SSDEEP

768:LWRiA8LQVrdTZuIZCFj76rDiiMNY/7Ooyw2jdrekkLj+EH+noGo1CR5Wqwq6wq+H:LWRiA8ardTZuIsuEoSDXcSEH+nmwm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
608f13662b37d3cfad55089519d2dbdf_JaffaCakes118

Files

608f13662b37d3cfad55089519d2dbdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e8f5bc16873bc63e7496d43d655128b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaExitProc
__vbaFileCloseAll
__vbaFileLock
__vbaFixstrConstruct
__vbaAryLock
__vbaExitEachColl
__vbaDerefAry1
__vbaCyStr
__vbaCyMulI2
__vbaCyI4
__vbaCyI2
__vbaCyForNext
__vbaCyErrVar
__vbaCopyBytes
__vbaAryMove
__vbaChkstk
__vbaCastObjVar
__vbaCVarAryUdt
__vbaBoolVar
__vbaAryRecCopy
__vbaAryConstruct

user32

ShowCaret
OffsetRect
MessageBoxA
EnableMenuItem
DrawIcon
DialogBoxParamA
CreateMenu
CreateIcon
CreateAcceleratorTableA
CharUpperBuffA
CharUpperA
ChangeMenuA
ActivateKeyboardLayout
LoadIconA

advapi32

LsaDeleteTrustedDomain
LsaEnumerateAccounts
LsaEnumerateTrustedDomains
LsaLookupNames
RegEnumKeyA
LsaCreateSecret
LsaDelete

kernel32

lstrcpyA
EnumResourceLanguagesW
EnumResourceLanguagesA
CompareStringA
FlushFileBuffers
GetDateFormatA
GetLocalTime
GetSystemTimeAsFileTime
GetTimeFormatA
InitializeCriticalSection
OpenFileMappingA
TlsAlloc
TlsFree
TlsGetValue
lstrcatA
EnumResourceTypesA

dinput

DirectInputCreateEx

Exports

Exports

Asxn
Dznnnfxp
Eclxrhfc
Isinve
Mregnu
Nbvvpzliowf
Ofasjnkzpx
Qaho
Qjnl

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e8f5bc16873bc63e7496d43d655128b

Headers

File Characteristics

Imports

msvbvm60

user32

advapi32

kernel32

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 11KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 24KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 11KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 24KB