2b9d41de108dc138dba4fc9bf62f4a08_JaffaCakes118

General

Target

2b9d41de108dc138dba4fc9bf62f4a08_JaffaCakes118
Size

48KB
MD5

2b9d41de108dc138dba4fc9bf62f4a08
SHA1

97922dea2bec3839268a388582109fcdd2d8dc18
SHA256

7e78d8e4ce1dd0058b00b9c527e5ede26170303e1417a8d7aaeea2ac958ce8da
SHA512

3fd7d5014c3e56c8c93d9ff2726d742652c8bf003cec1370aaeed28be86de89fa3f75ebc172a883abe5e4e5d0e0b51cf26c714117a98ded19cde57637c88aee7
SSDEEP

768:BCwUR8S+ibLNRWn6shqeV0XZ2/PMLeQ69+x6+zEui:BPO8RiV+JV6rer+xHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b9d41de108dc138dba4fc9bf62f4a08_JaffaCakes118

Files

2b9d41de108dc138dba4fc9bf62f4a08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
EnumResourceTypesA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetDateFormatA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
InitializeCriticalSection
RtlUnwind
SetEndOfFile
SetUnhandledExceptionFilter
lstrcatA
lstrlenA

user32

GetDC
FillRect
EqualRect
EndDeferWindowPos
GetMessageA
DefDlgProcA
CreateMenu
CreateDialogIndirectParamA
ChangeMenuA
IsCharUpperA
LoadImageA
DestroyIcon

advapi32

RegOpenKeyExA
RegEnumKeyA
LsaClose
LsaCreateSecret
LsaCreateTrustedDomain
LsaDelete
LsaDeleteTrustedDomain
LsaEnumerateAccounts
LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomainsEx
LsaFreeMemory
LsaGetSystemAccessAccount
LsaGetUserName
LsaLookupNames
LsaLookupPrivilegeDisplayName

msvbvm60

__vbaFileSeek
__vbaDerefAry1
__vbaCyUI1
__vbaCyForInit
__vbaCyFix
__vbaCyAdd
__vbaCastObjVar
__vbaAryVarVarg
__vbaAryDestruct

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

Exports

Exports

Rmu
Txwrsxvrzac
Ufrrnebj
Zf

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47370b31f439f28ef7cdeb33e3b49eb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 16KB

.rdata Size: 14KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.rdata
Size: 14KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 12KB