bea552aae763c4611b25650276f0c53e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bea552aae763c4611b25650276f0c53e_JaffaCakes118
Size

47KB
MD5

bea552aae763c4611b25650276f0c53e
SHA1

c87ddad2f038b0455010988e48e88dde3b734524
SHA256

d4ec5f1a87d07b23ec8e9095333b0261e9af99945df18f68d33034a714a3ad76
SHA512

9bac7f815710f22e410bb388031403c9d448e8483bebe48950e66953deaa42c238c9a60d1e13464be4982e5053ef01f023b891729e4e005fc696abdbf671007a
SSDEEP

768:HfWKTKp6G8yWp4zpeLC4HL7tF1/EhR9nLlvHAaCAjgGUU/BjXeJRI16QJ+x6+zE9:/W8Mi4zppsndO9npvzCK/pXMu+xHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bea552aae763c4611b25650276f0c53e_JaffaCakes118

Files

bea552aae763c4611b25650276f0c53e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f9779ecc29e9d194b474c6a1ebbd010

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
RtlUnwind
SetUnhandledExceptionFilter
UnmapViewOfFile
lstrcmpiA

user32

ShowCaret
LoadIconA
LoadBitmapA
DrawStateA
CreateMDIWindowA
CharToOemBuffA
CharToOemA
DrawTextA

advapi32

LsaCreateTrustedDomainEx
LsaGetRemoteUserName

msvbvm60

__vbaCheckTypeVar
__vbaAryUnlock
__vbaFileSeek
__vbaCyAdd
__vbaError
__vbaEnd
__vbaCyMul

dinput

DirectInputCreateA
DirectInputCreateEx

Exports

Exports

Swa
Wacommce

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ