54536e5eb9b14c09d11b4a4cd4db7f3e_JaffaCakes118

General

Target

54536e5eb9b14c09d11b4a4cd4db7f3e_JaffaCakes118
Size

65KB
MD5

54536e5eb9b14c09d11b4a4cd4db7f3e
SHA1

3d5e30c6acedddf1eb77d682ace1262599eb9d5b
SHA256

b1bf70176d5a14d8d26c1db0533a3d3bb9c3a8f83a857638a6d86a042e87ede2
SHA512

e47c874c9fc4aabceab8b696551bc5e7407ae26609b1cc18f947906a83d31192b690f6f33a6c93ca07bc1bb590429a4e7586cceeb6021728410abe5de3279f1d
SSDEEP

1536:mbl0zZ/iCw59di8LBFK7DIzfdC8l9C5xh3x:e0zZqhdimwUs8lM5xz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54536e5eb9b14c09d11b4a4cd4db7f3e_JaffaCakes118

Files

54536e5eb9b14c09d11b4a4cd4db7f3e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

70266f21bf9e8fbe0a4177a12b3dd9a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

LsaEnumerateTrustedDomains
LsaGetRemoteUserName
LsaICLookupNames
LsaLookupPrivilegeDisplayName
RegCloseKey
LsaGetUserName

dsound

DirectSoundCreate
DirectSoundFullDuplexCreate
DirectSoundCaptureEnumerateA
DirectSoundCaptureCreate8

kernel32

GetModuleHandleA
GetLocalTime
GetCommandLineA
ExitProcess
CloseHandle
LocalAlloc
SetUnhandledExceptionFilter
GetStartupInfoA

msvfw32

MCIWndCreateA
ICLocate
ICInstall
DrawDibGetBuffer
DrawDibChangePalette

ole32

CoInitialize
CoTaskMemAlloc
CoUninitialize
CoGetClassObject
CreateStreamOnHGlobal
DoDragDrop
GetRunningObjectTable
OleInitialize
OleLockRunning
OleUninitialize
ProgIDFromCLSID
ReadClassStg
StgCreateDocfileOnILockBytes
WriteClassStm
CoCreateInstance
CLSIDFromProgID
CreateBindCtx

msvbvm60

__vbaFailedFriend
__vbaCyMul

user32

CreateAcceleratorTableA
IsCharUpperA
LoadIconA
ShowCursor
CharToOemA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70266f21bf9e8fbe0a4177a12b3dd9a9

Headers

File Characteristics

Imports

advapi32

dsound

kernel32

msvfw32

ole32

msvbvm60

user32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 14KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 14KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB