e172aa4df2bcf01cdf43d8b408b40d88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e172aa4df2bcf01cdf43d8b408b40d88_JaffaCakes118
Size

28KB
MD5

e172aa4df2bcf01cdf43d8b408b40d88
SHA1

1b673a470036327a403695e24ec18b74d5cd1e4e
SHA256

482db681b78b40497162a88291fddd5c5f111944a29bcdb4a10924594901ed15
SHA512

932559d16b46699033cd23da104238d6e2ed34d03ec6c40154dbdd79bdc4b0b639c275bee1599b7891a06635912af47f8b5f5d03f5e09ed4542bf17018564842
SSDEEP

384:L75JH9HFE7kv3Fhm0aP/iT8BB2onW5wfnRcB3OQ8E03HJAeWzFUKZa:vE7Ozm038vnWgnRcBeQ8rCzpUKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e172aa4df2bcf01cdf43d8b408b40d88_JaffaCakes118

Files

e172aa4df2bcf01cdf43d8b408b40d88_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2686c8ad4c4a01f02aa8b633a611ae3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
LeaveCriticalSection
OpenFileMappingA
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
lstrcatA
lstrcmpA

user32

EndPaint
CloseWindow
CharUpperBuffA
EqualRect

advapi32

LsaGetRemoteUserName
LsaICLookupSids
LsaLookupNames
RegEnumKeyA
RegOpenKeyExA
LsaEnumeratePrivilegesOfAccount
LsaEnumeratePrivileges
LsaEnumerateAccountRights
LsaDeleteTrustedDomain

msvbvm60

__vbaDateStr
__vbaEraseKeepData
__vbaCyUI1
__vbaCyFix
__vbaCyErrVar
__vbaCopyBytesZero
__vbaAryVarVarg
__vbaAryConstruct2

dinput

DirectInputCreateA
DirectInputCreateW
DirectInputCreateEx

Exports

Exports

Woycd
Wspkughcocw

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ