96cab8de20fe6930370ab94875f25498_JaffaCakes118

General

Target

96cab8de20fe6930370ab94875f25498_JaffaCakes118
Size

48KB
MD5

96cab8de20fe6930370ab94875f25498
SHA1

0d3dd22dae4f8395288b2a183d90a17d061852b6
SHA256

ecd4334eacffc485dee24bf1581e8372261c4cc0e8302fc0368c832e9260e15b
SHA512

787cb4945e95333315a0c502ba00159d37e967bce6965b8260bcce33207eecb90a342fe1919bf3f30afd8e7c389022da871ae4728bc94b4edb9e2b89f952d8a3
SSDEEP

768:ECwUR8S+ibLNRWn6shqeV0XZ2/PMLeQ69+x6+zEui:EPO8RiV+JV6rer+xHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96cab8de20fe6930370ab94875f25498_JaffaCakes118

Files

96cab8de20fe6930370ab94875f25498_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
EnumResourceTypesA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetDateFormatA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
InitializeCriticalSection
RtlUnwind
SetEndOfFile
SetUnhandledExceptionFilter
lstrcatA
lstrlenA

user32

GetDC
FillRect
EqualRect
EndDeferWindowPos
GetMessageA
DefDlgProcA
CreateMenu
CreateDialogIndirectParamA
ChangeMenuA
IsCharUpperA
LoadImageA
DestroyIcon

advapi32

RegOpenKeyExA
RegEnumKeyA
LsaClose
LsaCreateSecret
LsaCreateTrustedDomain
LsaDelete
LsaDeleteTrustedDomain
LsaEnumerateAccounts
LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomainsEx
LsaFreeMemory
LsaGetSystemAccessAccount
LsaGetUserName
LsaLookupNames
LsaLookupPrivilegeDisplayName

msvbvm60

__vbaFileSeek
__vbaDerefAry1
__vbaCyUI1
__vbaCyForInit
__vbaCyFix
__vbaCyAdd
__vbaCastObjVar
__vbaAryVarVarg
__vbaAryDestruct

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

Exports

Exports

Rmu
Txwrsxvrzac
Ufrrnebj
Zf

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 14KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 14KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB