8c1b7048ab59a9e297eeca3669c33caf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c1b7048ab59a9e297eeca3669c33caf_JaffaCakes118
Size

164KB
MD5

8c1b7048ab59a9e297eeca3669c33caf
SHA1

9c859f0b38789d0ce4d815cf06937a230028e3a1
SHA256

d4ef0cd8bfe40652ac232239e72103cfb78b2af8ec1a077a62ee90c4045ca4c4
SHA512

0bb2261ec9f069c263e40f5e6ed39b643e8fdc7961e6a500637594ae15496ff4f71be835dc95a1dc598de1e43f77a63570d10f34405033b9890752edf7ae6509
SSDEEP

3072:aBzaQfhZsOjISMM/mLMWzcDp+2hCG7DZdT0n6MbrmoB2hU:AaQf1I6/mZccg7DzAb6m2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c1b7048ab59a9e297eeca3669c33caf_JaffaCakes118

Files

8c1b7048ab59a9e297eeca3669c33caf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a7792d432f8236a123bf4349321c9b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaBoolVar
__vbaCastObj
__vbaCopyBytes
__vbaCyErrVar
__vbaCyInt
__vbaCySgn
__vbaAryVarVarg
__vbaDerefAry
__vbaErase
__vbaEraseKeepData
__vbaFailedFriend
__vbaFileCloseAll
__vbaAryLock
__vbaCyVar
__vbaAryCopy

user32

CreateIconFromResourceEx
DestroyCaret
DrawIcon
EndDialog
GetDlgItem
GetFocus
LoadImageA
OemToCharA
ShowWindow
CreateDialogParamA
CreateAcceleratorTableA
CharToOemA
BeginPaint
CloseWindow

kernel32

GetModuleHandleA
VirtualFree

dinput

DirectInputCreateW

Exports

Exports

Bltvtjcgy
Ulhkbubbmez

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ