42e0c030f5d8813fecfa127988c1569f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42e0c030f5d8813fecfa127988c1569f_JaffaCakes118
Size

272KB
MD5

42e0c030f5d8813fecfa127988c1569f
SHA1

288584bcf0e299568a953c7828f4989830adbe1b
SHA256

5dff2df99ba4a0000f839a59356c24e7c24749b1e12640327b3ba4890e9ffc28
SHA512

9189f63c8e14232938a32aeb0fb36105a20c177b96ac56010daac59719b8d6109d69c50e8cbf04d4d28bad0f161a8564b5b39eb18694f9dcaf6c9e34f31fb0fc
SSDEEP

3072:B8Go3oJgTJuK3X9aAEBfHbR/+/tARv2qXjto8GU2EXmvC/SeCCYyb3a1TvW:qG9STUOk9/+eRdjOve/3a1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e0c030f5d8813fecfa127988c1569f_JaffaCakes118

Files

42e0c030f5d8813fecfa127988c1569f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d6a91bc46df1ed64dda5c8b3d04a0bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaR8FixI4
_CIcos
_adj_fptan
__vbaVarMove
ord693
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
ord698
__vbaR8Sgn
ord517
_adj_fprem1
ord629
__vbaHresultCheckObj
ord663
_adj_fdiv_m32
ord666
__vbaAryDestruct
__vbaOnError
__vbaObjSet
ord595
ord596
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
ord523
_CIsin
ord525
ord632
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
ord675
ord677
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
ord710
__vbaExceptHandler
ord712
ord606
_adj_fprem
_adj_fdivr_m64
ord714
ord609
__vbaFPException
__vbaDateVar
__vbaI2Var
_CIlog
ord539
ord647
__vbaNew2
__vbaInStr
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
ord687
ord610
__vbaInStrB
__vbaVarDup
ord613
_CIatan
__vbaStrMove
__vbaR8IntI4
ord543
_allmul
_CItan
ord546
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ