741bb3a15e673c4a0d99cd823141f28f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

741bb3a15e673c4a0d99cd823141f28f_JaffaCakes118
Size

28KB
MD5

741bb3a15e673c4a0d99cd823141f28f
SHA1

6f6c3f1fcb1e09d2118346528087cee8fd531516
SHA256

96f4a5375fd5ae7512cd4aaa81286bba2b7a69a27a1c00472b1bf3d592686e6c
SHA512

4c61b8198608d22c93bfd26992450c2293d2595e2395938362c79d7f1b49914ebf7e5040e51d721dee3e8f8b3591b6d8ed0279272bf6af133122b31ffdca4282
SSDEEP

384:HbPVQI5Tl8D4SwLbmVc8I9k5kw9aYwqU1mFBxAEtvPUjCs53qb8sUTBRCphdN9e3:HbVL5Sb/DD9aFWxjPU/Wwiphd3crKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
741bb3a15e673c4a0d99cd823141f28f_JaffaCakes118

Files

741bb3a15e673c4a0d99cd823141f28f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2ffa62d50caebd8a9dbd07b5915965a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
lstrcmpA

user32

LoadAcceleratorsW
DefDlgProcA
CharLowerA
SetFocus
SetMenuInfo
DispatchMessageA
FillRect

advapi32

LsaDelete
LsaEnumerateAccountRights
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomainsEx
LsaGetUserName
RegEnumKeyA
RegOpenKeyExA
LsaCreateSecret
LsaCreateTrustedDomainEx

msvbvm60

__vbaFailedFriend
__vbaCyVar
__vbaCyUI1
__vbaCyForInit
__vbaBoolVarNull
__vbaBoolStr
__vbaAryVarVarg
__vbaAryCopy
__vbaAryLock

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

Exports

Exports

Secvht
Xieohnn

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ