7613df09d6763919224c16e81ddbd8e2_JaffaCakes118

General

Target

7613df09d6763919224c16e81ddbd8e2_JaffaCakes118
Size

44KB
MD5

7613df09d6763919224c16e81ddbd8e2
SHA1

0b8c8d60de9a5343461a84a9107fea6f8b57fc2b
SHA256

79b1e7bb24fbdf181b4d451e81489e04799831a491f0f4e56798d2a6e9048afc
SHA512

2c376e7337c762202ff738c812ace3392bb6020b3d44ed1131781a9f3823fe7659ecd5f43cf44e317dcbb0bbfeff9bb2d0d05632532637a80811258f1b2b9970
SSDEEP

768:6uo1DVnBHEp2ZCGM8/c8enPMDFr0ndngI0XlUsFdOajLwvbHha+wJLW7Z+yUW+ze:6LDVn6p0X5/ynPsEd6XlUsFdBwvbBnBy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7613df09d6763919224c16e81ddbd8e2_JaffaCakes118

Files

7613df09d6763919224c16e81ddbd8e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96c1f2f8bea79ecc0a793e497e7f10eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumResourceNamesA
ExitProcess
GetACP
GetCommandLineA
GetFileSize
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
LoadLibraryA
RtlUnwind
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

ToAscii
ShowCursor
ShowCaret
SetFocus
RegisterClassA
LoadAcceleratorsW
GetMenu
EnableWindow
DestroyIcon
DestroyCursor
DeleteMenu
CreateDesktopW
CreateDesktopA
CharNextA
ShowScrollBar

advapi32

RegQueryValueA
LsaClose
LsaCreateTrustedDomainEx
LsaDeleteTrustedDomain
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomains
LsaGetQuotasForAccount
LsaGetUserName
LsaICLookupNames
LsaLookupNames
LsaLookupPrivilegeDisplayName
RegOpenKeyExA

msvbvm60

__vbaAryVarVarg
__vbaBoolStr
__vbaCastObjVar
__vbaFileSeek
__vbaFileCloseAll
__vbaExitEachAry
__vbaDateVar
__vbaCyVar
__vbaCyInt
__vbaCyI4
__vbaCopyBytes
__vbaCheckType
__vbaBoolErrVar

dinput

DirectInputCreateA
DirectInputCreateW
DirectInputCreateEx

Exports

Exports

Mpb
Qqnzbykt

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96c1f2f8bea79ecc0a793e497e7f10eb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 11KB - Virtual size: 12KB

.data Size: 7KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 11KB - Virtual size: 12KB

.data
Size: 7KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB