3049ae8b56496edaf24c9fd6cd466fb3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3049ae8b56496edaf24c9fd6cd466fb3_JaffaCakes118
Size

57KB
MD5

3049ae8b56496edaf24c9fd6cd466fb3
SHA1

6f3b0cda56440fc6e31dfa1f552daf7c213e0972
SHA256

610f18b0598f53a6307ef3e9eaf857a583807ba9684adce78281b1bfb7be2d89
SHA512

6e859c09f4f4ca8676db4a828f6858d77469bd4f37a9e0395e26f5bb425f75c8b3731436173f3d52b8edf1a12f554f3d47966b5cdb47f162601b625261ca8483
SSDEEP

1536:pekrqlaxSWVOjElyS9J0bo6C/l7fqPsL2Tb:ppypWiqJeoh9bqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/海汇图案设计大师3.6.6/海汇图案设计大师3.6.6.exe

Files

3049ae8b56496edaf24c9fd6cd466fb3_JaffaCakes118
.rar
海汇图案设计大师3.6.6/vtymcrzxqkgwej.dll
海汇图案设计大师3.6.6/新云软件.url
.url
海汇图案设计大师3.6.6/海汇图案设计大师3.6.6.exe
.exe windows:4 windows x86 arch:x86

1889ab38da9607dc7980274c831f67b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
__vbaStrI2
ord583
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaCyMul
__vbaFreeVar
__vbaLenBstr
__vbaLateIdCall
__vbaStrVarMove
ord588
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaWriteFile
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryDestruct
__vbaLateMemSt
ord593
ord594
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
ord309
__vbaFpR8
_CIsin
ord632
__vbaChkstk
__vbaFileClose
__vbaCyVar
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaVarAbs
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaCyI4
__vbaR4Str
__vbaI2I4
__vbaPrintObj
DllFunctionCall
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaR4Cy
__vbaR8Cy
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
__vbaUI1I2
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
__vbaInputFile
ord606
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
__vbaI2Str
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord575
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
__vbaVarCopy
__vbaFpI4
__vbaLateMemCallLd
__vbaR8IntI2
_CIatan
__vbaCastObj
__vbaStrMove
ord619
_allmul
__vbaLateIdSt
_CItan
ord546
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
海汇图案设计大师3.6.6/海汇图案设计大师3.6.6简介.txt

Sharing

General

Malware Config

Signatures

Files

1889ab38da9607dc7980274c831f67b4

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 396KB - Virtual size: 393KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 396KB - Virtual size: 393KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 1KB