0d6029f0e8b5017e64c2b719e1c61a03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d6029f0e8b5017e64c2b719e1c61a03_JaffaCakes118
Size

30KB
MD5

0d6029f0e8b5017e64c2b719e1c61a03
SHA1

7134281ab8563d628da9e71449580a0f55f11ddc
SHA256

1034346922c2c48dc699812af4ba35c683a0af6c323ed3518dc9852af687d69c
SHA512

669dcc7e2927359a6c0e6d49d883b2a3cbc5ec88ac449bf80a99925fc12ee1da0c997a610279312896997dc5562c2c63a4eeebe510a5862a2655ce9b7037fe7b
SSDEEP

768:lCJqYKeotHG/irSriyFjeZ8uGXn9YQa4Wa8W:lCwDzJGarSW18uGX9YQa4qW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/91412342/DXB聊天室.exe

Files

0d6029f0e8b5017e64c2b719e1c61a03_JaffaCakes118
.rar
91412342/Clientmsg.txt
91412342/DXB聊天室.exe
.exe windows:4 windows x86 arch:x86

6650ec515de8585c5bef4441ffc1a6ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaLenBstr
__vbaLateIdCall
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
ord520
__vbaBoolVarNull
__vbaFpR8
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaI4Str
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarDup
__vbaR8IntI2
ord617
_CIatan
__vbaStrMove
ord619
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
91412342/Form1.frm
.vbs
91412342/Form1.frx
91412342/Form2.frm
.vbs
91412342/Form2.frx
91412342/MSSCCPRJ.SCC
91412342/Module1.bas
91412342/Servermsg.txt
91412342/SetServer1.frm
91412342/SetServer1.frx
91412342/SetServer2.frm
91412342/SetServer2.frx
91412342/SetServer3.frm
.vbs
91412342/SetServer3.frx
91412342/login.frm
91412342/login.frx
91412342/splash.frm
91412342/splash.frx
91412342/下载说明.htm
.html .js polyglot
91412342/工程1.vbp
91412342/工程1.vbw

Sharing

General

Malware Config

Signatures

Files

6650ec515de8585c5bef4441ffc1a6ca

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 84KB - Virtual size: 82KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 84KB - Virtual size: 82KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 2KB