f0c4010fda512470472ec9a013b66655_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f0c4010fda512470472ec9a013b66655_JaffaCakes118
Size

111KB
MD5

f0c4010fda512470472ec9a013b66655
SHA1

e8e3e30ed6dd9e026371e8289dab473fe549a451
SHA256

4a3e0fc711656c84d1778b0dc763f9a676e714cb0e4102fc2ef2bfe64a32b327
SHA512

b9bd0c4969a153fb9727dc64d732de2c4b7e8bf78f11d7a0084bb10e1d14d68706262583160dc69bc852a4f78f96bf748166900092da9c8719425db34397dc39
SSDEEP

3072:e3JkBYyiBx8tEy+WmS8R8ILTDoADP5ci8YaElhlEPWJtF:e6Hj1XT8p7dP5bnzbTTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Icon Hunter

Files

f0c4010fda512470472ec9a013b66655_JaffaCakes118
.rar
Cafe manager.frx
Form1.frm
.vbs
Form1.frx
Icon Hunter
.exe windows:4 windows x86 arch:x86

befb5ed4c2118c97064d6d6300c47ef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
ord690
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
__vbaForEachCollObj
__vbaVarForInit
__vbaExitProc
ord300
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
ord306
ord520
ord309
__vbaBoolVarNull
__vbaFpR8
_CIsin
__vbaNextEachCollObj
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaR4Str
ord561
DllFunctionCall
__vbaCastObjVar
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
__vbaI2Str
ord607
ord608
ord531
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaCheckType
__vbaI2Var
_CIlog
__vbaErrorOverflow
ord647
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
ord689
ord610
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVerifyVarObj
ord613
__vbaFpI4
__vbaVarCopy
ord617
_CIatan
__vbaStrMove
__vbaCastObj
ord619
__vbaStrVarCopy
ord542
_allmul
__vbaLateIdSt
ord545
_CItan
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Icon Hunter Help.chm
.chm
Icon Hunter.PDM
Icon Hunter.vbp
Icon Hunter.vbw
Icon.ico
Icon2.ico
MSSCCPRJ.SCC
Search.avi
frmAbout.frm
.vbs
frmAbout.frx
frmAuthor.frm
frmAuthor.frx
frmBit.frm
.vbs
frmDir.frm
frmDir.frx
frmDirCreate.frm
.vbs
frmDirCreate.frx
frmSplash.frm
frmSplash.frx
modmain.bas
.vbs
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

befb5ed4c2118c97064d6d6300c47ef4

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 152KB - Virtual size: 150KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 150KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 3KB