d120a8a93b8984904616394b6c758187_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d120a8a93b8984904616394b6c758187_JaffaCakes118
Size

30KB
MD5

d120a8a93b8984904616394b6c758187
SHA1

5c5a6a0f94e6510db020d47ed51f3a8f682c5a13
SHA256

cb24b3f1bd834284bd157aad0e88421545094d0945cdf2b9b3a22b798bfe6367
SHA512

a8b7bddfdc62266ef5c5798594b2d3fdb9e3da88328bf3db87b844109db5cdd448d9dffc2385391876e6b7eda4558f6271979204da2c3e9b1cfa59d1dc1d04b1
SSDEEP

768:cqeVsvjZQbrL6M+KjrC72x5bck43bXcVKk:cl5Z+KvCCx54j3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d120a8a93b8984904616394b6c758187_JaffaCakes118

Files

d120a8a93b8984904616394b6c758187_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ffa62d50caebd8a9dbd07b5915965a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
lstrcmpA

user32

LoadAcceleratorsW
DefDlgProcA
CharLowerA
SetFocus
SetMenuInfo
DispatchMessageA
FillRect

advapi32

LsaDelete
LsaEnumerateAccountRights
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomainsEx
LsaGetUserName
RegEnumKeyA
RegOpenKeyExA
LsaCreateSecret
LsaCreateTrustedDomainEx

msvbvm60

__vbaFailedFriend
__vbaCyVar
__vbaCyUI1
__vbaCyForInit
__vbaBoolVarNull
__vbaBoolStr
__vbaAryVarVarg
__vbaAryCopy
__vbaAryLock

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

Exports

Exports

Secvht
Xieohnn

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ