b579f098f8a9cd416d12ab4c9d2a6d46_JaffaCakes118

General

Target

b579f098f8a9cd416d12ab4c9d2a6d46_JaffaCakes118
Size

46KB
MD5

b579f098f8a9cd416d12ab4c9d2a6d46
SHA1

5d09faa7d19be1314f0fe29fc501da491106bc90
SHA256

1441f068a159a7539224148057e7d7df5fcf7f43fb1d4681216493e8ab9abdd7
SHA512

bee8cddb2c4f54c997c1b5a39751521b5bd66a9bb7cc9e6b8bb8bc275a812a452e42831f7926308e46e21ac1f32bdce59b8e0d326ba5c63bc02fb1d7abb6835c
SSDEEP

768:Gzd5qboQfxh4WBUOrZZW5exqUZb8B0xDE0Gyq+o+zEui:LoqBBTtZKMqUZbDxDtGP+Fz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b579f098f8a9cd416d12ab4c9d2a6d46_JaffaCakes118

Files

b579f098f8a9cd416d12ab4c9d2a6d46_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a36deaa71347f2e36b3b80624b9dda0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceNamesA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
LocalAlloc
RtlUnwind
SetUnhandledExceptionFilter
SleepEx
TlsFree
TlsGetValue
TlsSetValue
WriteFile
lstrcpyA
lstrcpynA
lstrlenA

user32

ToAscii
LoadImageA
IsCharUpperA
IsCharLowerA
EndPaint
EndDialog
EnableScrollBar
EmptyClipboard
DrawIcon
DrawCaption
DestroyMenu
CreateDesktopA

advapi32

LsaEnumerateAccountRights
LsaGetUserName
LsaICLookupNames
LsaLookupNames
LsaLookupPrivilegeDisplayName
RegEnumKeyA
LsaCreateTrustedDomain
LsaCreateSecret
LsaCreateAccount
LsaDeleteTrustedDomain

msvbvm60

__vbaCyForInit
__vbaCyAdd
__vbaCheckType
__vbaForEachAry
__vbaError
__vbaErase
__vbaDateVar
__vbaCySgn
__vbaCyMulI2
__vbaCyMul
__vbaCyI4
__vbaBoolStr
__vbaAryRebase1Var
__vbaAryLock
__vbaAryCopy
__vbaCyForNext

dinput

DirectInputCreateEx
DirectInputCreateW
DirectInputCreateA

Exports

Exports

Btgobb
Cthzj
Imicimvvme
Nmyc

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36deaa71347f2e36b3b80624b9dda0b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 13KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 13KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB