4573102ec94b4ef1e2222ccd99b0e6b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4573102ec94b4ef1e2222ccd99b0e6b5_JaffaCakes118
Size

532KB
MD5

4573102ec94b4ef1e2222ccd99b0e6b5
SHA1

66595dda59ea64ded4b331f5e4d4eeda97379dd8
SHA256

d2e53feccc78e0df66c8b57053df59b71dafe3036e88ccc92f988030b4f02123
SHA512

ac4386a7a3a4c3dc2230211d4f42701fe27890b69ae75dcad06dae90961bca710ca69ba94f37250b30697c67e23c6dad215c80c84c655034da1efa16636b536b
SSDEEP

12288:8DnLuTVu/Ijm8qhFYNupxWLQfG7icDnLuTK:41/Ii8+zpwLQfpYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4573102ec94b4ef1e2222ccd99b0e6b5_JaffaCakes118

Files

4573102ec94b4ef1e2222ccd99b0e6b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a544bee52f1e5fefadedf954d79b0c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardViewer
GetOpenClipboardWindow
EmptyClipboard
GetClipboardOwner
LoadStringW
GetMessageTime
GetMessageExtraInfo
GetCaretBlinkTime

oleaut32

SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SysStringLen

kernel32

GetProcAddress
VirtualAlloc
VirtualProtect
RtlMoveMemory
WideCharToMultiByte
GetLogicalDrives
GetUserDefaultLangID
GetModuleHandleW
GetUserDefaultLCID
GetOEMCP

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

msvbvm60

__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaAryMove
__vbaFreeVar
__vbaGosubReturn
__vbaLenBstr
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaLenBstrB
ord662
__vbaHresultCheckObj
ord556
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaAryDestruct
ord591
__vbaExitProc
__vbaFileCloseAll
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaBoolVar
__vbaBoolVarNull
__vbaFpR8
_CIsin
__vbaErase
ord631
__vbaVarCmpGt
ord632
__vbaChkstk
__vbaGosubFree
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaAryConstruct2
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaUI1I2
ord601
_CIsqrt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
ord710
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord607
__vbaGosub
__vbaFPException
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord534
__vbaI2Var
ord537
ord644
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaVar2Vec
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaFpCy
__vbaLateMemCall
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVarLateMemCallLd
__vbaFpI4
__vbaVarCopy
__vbaVarSetObjAddref
_CIatan
__vbaAryCopy
__vbaCastObj
__vbaStrMove
_allmul
_CItan
ord546
__vbaUI1Var
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a544bee52f1e5fefadedf954d79b0c3

Headers

File Characteristics

Imports

user32

oleaut32

kernel32

wininet

msvbvm60

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 356KB - Virtual size: 354KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 356KB - Virtual size: 354KB