2d89d2620ba28e214bd14c1378aef864_JaffaCakes118 | Triage

Sharing

General

Target

2d89d2620ba28e214bd14c1378aef864_JaffaCakes118
Size

62KB
MD5

2d89d2620ba28e214bd14c1378aef864
SHA1

6593c1c754dde59cdb24434950bc3fb7c011f6b0
SHA256

fbc179065a29ba79e2ab3df29f2f7e0adb38160c2f12208213f8b83a47b9a85b
SHA512

1adfa907ca59e1a91a07ca2ceb7f554b2a94c9a0795512d0068f6d7eed251fffe62b5207b74c1871596e43db1582394906292566687db68ff23aa260823ddf27
SSDEEP

768:DYuPQQ8892kJuHSRGxNK+NxTvo3ucoEQAN3LwkkLj+EH+noGo1CR5Wqwq6wq+qUX:DjYT892ksHSkxNfx61N3mSEH+nmwm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d89d2620ba28e214bd14c1378aef864_JaffaCakes118

Files

2d89d2620ba28e214bd14c1378aef864_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1caa4a5cd7a51c808f0dad5c60fbc61e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaExitEachVar
__vbaError
__vbaEraseKeepData
__vbaDateR4
__vbaCyUI1
__vbaAryRebase1Var
__vbaBoolErrVar
__vbaBoolVarNull
__vbaCyAbs
__vbaAryConstruct2
__vbaCyMul

user32

LoadBitmapA
CreateCursor
wsprintfA
SetCursor
SetMenuInfo

advapi32

LsaLookupPrivilegeDisplayName
LsaFreeMemory
LsaEnumerateAccounts
LsaCreateTrustedDomainEx
LsaClose
LsaGetQuotasForAccount
RegCloseKey

kernel32

VirtualFree
MapViewOfFile
LoadLibraryA
GetLocalTime
GetCommandLineA
CompareStringA
TlsSetValue
TlsGetValue
lstrcmpA
lstrcmpiA
lstrcpyA

dinput

DirectInputCreateEx

Exports

Exports

Bnodmekn
Ceqcsx
Cyshyyfxi
Fkvtemunf
Gkyzoi
Gmua
Hmdaydcr
Hpxb
Ijrhrjgd
Kpmhrss
Lbru
Loaefjvzp
Minfkhta
Ngmzzf
Nzdylzguhvs
Okxlau
Pzjp
Tpxzneomg
Urhfdc
Vrxw
Zclnpys
Zxvsouug

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ