c07910a7a4e3085933adbe16254e2342_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c07910a7a4e3085933adbe16254e2342_JaffaCakes118
Size

166KB
MD5

c07910a7a4e3085933adbe16254e2342
SHA1

65bbb6e84c3ce659f600f5a8f438b818ea231bed
SHA256

a0f960fe75186df85529c89b2adbcb7378e4c7efc9666ba5c6b121653e0722b9
SHA512

e549edb644911bc60bb7122f2b9c6b0f69f83983f128738366cb4cfb30a6e75f323ea84ebfbd4bd66d1d6f257222921ce383b98c7feced2c1b167480c8d2590c
SSDEEP

3072:0fNiGGsaUoyzvxt9EjYkMMkiRUVplM1QeXT5DPWklv/mGPau5HIco7EFS0:8FGSDxrEjYkMMkWGM7XT1Pzh/PDo7Ek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c07910a7a4e3085933adbe16254e2342_JaffaCakes118

Files

c07910a7a4e3085933adbe16254e2342_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1caa4a5cd7a51c808f0dad5c60fbc61e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaExitEachVar
__vbaError
__vbaEraseKeepData
__vbaDateR4
__vbaCyUI1
__vbaAryRebase1Var
__vbaBoolErrVar
__vbaBoolVarNull
__vbaCyAbs
__vbaAryConstruct2
__vbaCyMul

user32

LoadBitmapA
CreateCursor
wsprintfA
SetCursor
SetMenuInfo

advapi32

LsaLookupPrivilegeDisplayName
LsaFreeMemory
LsaEnumerateAccounts
LsaCreateTrustedDomainEx
LsaClose
LsaGetQuotasForAccount
RegCloseKey

kernel32

VirtualFree
MapViewOfFile
LoadLibraryA
GetLocalTime
GetCommandLineA
CompareStringA
TlsSetValue
TlsGetValue
lstrcmpA
lstrcmpiA
lstrcpyA

dinput

DirectInputCreateEx

Exports

Exports

Bnodmekn
Ceqcsx
Cyshyyfxi
Fkvtemunf
Gkyzoi
Gmua
Hmdaydcr
Hpxb
Ijrhrjgd
Kpmhrss
Lbru
Loaefjvzp
Minfkhta
Ngmzzf
Nzdylzguhvs
Okxlau
Pzjp
Tpxzneomg
Urhfdc
Vrxw
Zclnpys
Zxvsouug

Sections

.text
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ