de056b3f5172928b5aab7f485dd9d913_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de056b3f5172928b5aab7f485dd9d913_JaffaCakes118
Size

164KB
MD5

de056b3f5172928b5aab7f485dd9d913
SHA1

7f1fd461461d32fdc99a349bb48a5fbea91fd2ef
SHA256

917a9a2d78fcaf7aac57a6c5f803664ce0d75c4c970c909250b0aa8b2f67d7ea
SHA512

ac91b51bff8677bcb2ae0f544670dc340cb10938cef6129c7bec103cc96ba16e865b8b0ff9374c8425c0e5064ac18102bc7399a6b4704edd400d22e32fd85646
SSDEEP

3072:6BzaQfhZsOjISMM/mLMWzcDp+2hCG7DZdT0n6MbrmoB2hU:gaQf1I6/mZccg7DzAb6m2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de056b3f5172928b5aab7f485dd9d913_JaffaCakes118

Files

de056b3f5172928b5aab7f485dd9d913_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a7792d432f8236a123bf4349321c9b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaBoolVar
__vbaCastObj
__vbaCopyBytes
__vbaCyErrVar
__vbaCyInt
__vbaCySgn
__vbaAryVarVarg
__vbaDerefAry
__vbaErase
__vbaEraseKeepData
__vbaFailedFriend
__vbaFileCloseAll
__vbaAryLock
__vbaCyVar
__vbaAryCopy

user32

CreateIconFromResourceEx
DestroyCaret
DrawIcon
EndDialog
GetDlgItem
GetFocus
LoadImageA
OemToCharA
ShowWindow
CreateDialogParamA
CreateAcceleratorTableA
CharToOemA
BeginPaint
CloseWindow

kernel32

GetModuleHandleA
VirtualFree

dinput

DirectInputCreateW

Exports

Exports

Bltvtjcgy
Ulhkbubbmez

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ