7946e2b4f8b0556f698ed35ec3afe49a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7946e2b4f8b0556f698ed35ec3afe49a_JaffaCakes118
Size

726KB
MD5

7946e2b4f8b0556f698ed35ec3afe49a
SHA1

39af94c24f153e2ab9f0a5927fa298334b284ffd
SHA256

050bba293c778e47409dc8fdd16a99eab994811e378c701d5a16c9e260e3fb3c
SHA512

81cda7ec4b1ede1942e256198a8ad7408fc91f048c3bb6dba0684e72ea78b9256751c80f056b7309e0a945f3468023c41b72664ccbb78aecfb7c2cc178f731e1
SSDEEP

12288:6gh9fZ7FWZG/+Rnwt3Ja0Yy0uD0/2EQh/nR499Kbe5deph6mUBXiQ:fyDEJF0uw/kOqbe5dep0m+iQ

Score

1^/10

Malware Config

Signatures

Files

7946e2b4f8b0556f698ed35ec3afe49a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a6451054f0ef8107f800a59eddb75f5

Code Sign

01
Certificate

Issuer

CN=Mark Russinovich and Bryce Cogswell,O=Copyright © 2005-2018 Netherlands B. V. D. Walling,C=NL

Not Before

16/10/2018, 19:07

Not After

16/10/2019, 19:07

Subject

CN=Mark Russinovich and Bryce Cogswell,O=Copyright © 2005-2018 Netherlands B. V. D. Walling,C=NL

54:24:55:dc:b7:fc:42:6e:c5:73:f0:e2:02:7b:61:06:d4:b9:03:bd:b8:a9:2d:36:6f:b2:75:d0:04:b1:24:f2
Signer

Actual PE Digest

54:24:55:dc:b7:fc:42:6e:c5:73:f0:e2:02:7b:61:06:d4:b9:03:bd:b8:a9:2d:36:6f:b2:75:d0:04:b1:24:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
__vbaFpCDblR8
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
ord561
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord714
__vbaFPException
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord574
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord616
ord617
_CIatan
__vbaStrMove
__vbaI4Cy
_allmul
_CItan
__vbaUI1Var
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a6451054f0ef8107f800a59eddb75f5

Code Sign

01Certificate

54:24:55:dc:b7:fc:42:6e:c5:73:f0:e2:02:7b:61:06:d4:b9:03:bd:b8:a9:2d:36:6f:b2:75:d0:04:b1:24:f2Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 696KB - Virtual size: 695KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 20KB - Virtual size: 16KB

01
Certificate

54:24:55:dc:b7:fc:42:6e:c5:73:f0:e2:02:7b:61:06:d4:b9:03:bd:b8:a9:2d:36:6f:b2:75:d0:04:b1:24:f2
Signer

.text
Size: 696KB - Virtual size: 695KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 20KB - Virtual size: 16KB