55964889eb386098bb612fcf6f250ddf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55964889eb386098bb612fcf6f250ddf_JaffaCakes118
Size

64KB
MD5

55964889eb386098bb612fcf6f250ddf
SHA1

f94a7f00e88bdd30292e1c5daca8e9e5ac9c5af1
SHA256

a43286f202a6c26d186fb8e6c4a66df60beb4172cd7539ba91398f9a326c6c8a
SHA512

84c2dcef9c115b49086bda6d84abc99749a33e6aafb01e0f8f29a6490e74067b3e7a45d946c059834512f82cdac42985cd648b788eeea721d1930003b71aa444
SSDEEP

1536:U3lYHUnr8BcIJyediSvGk133krSVyn+l3a3x:bHILIQCv/6rSni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55964889eb386098bb612fcf6f250ddf_JaffaCakes118

Files

55964889eb386098bb612fcf6f250ddf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c5c8b0336da62839561175080034a0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaCyVar
__vbaCyErrVar
__vbaBoolVarNull
__vbaAryUnlock
__vbaAryRebase1Var

kernel32

CloseHandle
OpenFileMappingA
FindResourceA
ExitProcess
EnumResourceNamesA

advapi32

LsaEnumerateTrustedDomainsEx
LsaCreateTrustedDomainEx
LsaEnumeratePrivileges

dsound

DirectSoundCaptureEnumerateW
DirectSoundEnumerateW
DirectSoundCaptureCreate8

user32

DrawCaption
LoadIconA
DispatchMessageA
ShowCaret
ShowOwnedPopups
DestroyCaret
CreateIconFromResource
CreateIcon
CharToOemA
wsprintfA
OemToCharW

msvfw32

ord2
ICGetDisplayFormat
DrawDibRealize
DrawDibOpen
DrawDibEnd

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ