3d44033b9b83d54025d452fbf310a2b0_JaffaCakes118

General

Target

3d44033b9b83d54025d452fbf310a2b0_JaffaCakes118
Size

850KB
MD5

3d44033b9b83d54025d452fbf310a2b0
SHA1

dc16ee8218cceacb799d081dc82633d949a068da
SHA256

36d434da45233a431c09c1b62903c5a574e338fcd563a88c4b1c6a5af8eb601d
SHA512

e72272807467c9fd05759bc553b40e8da1a7cf610dcb3723a4487b1731b173af9764c8fe1a78b07f566a346d45c042ba27a04406a882f6b8195ad177a20a7440
SSDEEP

24576:58K//////////vpZZZFZZZZZpjN1ZZZZZZ9iZZZZZKwZZZZZcz+Gs/Mwve/mIZ:KK//////////xZZZtNiZZZZZ4uMkAmIZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d44033b9b83d54025d452fbf310a2b0_JaffaCakes118

Files

3d44033b9b83d54025d452fbf310a2b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

225a4c641fa8cd9e6c1dbe80e3c7b811

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarForInit
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarTstLt
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaFpI4
__vbaVarCopy
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

UPX0
Size: 844KB - Virtual size: 844KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

225a4c641fa8cd9e6c1dbe80e3c7b811

Headers

File Characteristics

Imports

msvbvm60

Sections

UPX0 Size: 844KB - Virtual size: 844KB

.rsrc Size: 3KB - Virtual size: 4KB

.avc Size: 1KB - Virtual size: 4KB

UPX0
Size: 844KB - Virtual size: 844KB

.rsrc
Size: 3KB - Virtual size: 4KB

.avc
Size: 1KB - Virtual size: 4KB