43f2bd25874e4ecb4c701829f303fe0b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43f2bd25874e4ecb4c701829f303fe0b_JaffaCakes118
Size

181KB
MD5

43f2bd25874e4ecb4c701829f303fe0b
SHA1

54ad40f0e6fe94105cea33b1325512493e8e2a0d
SHA256

20de23b25fc38f4cdfa3a3a98ce5061cce76e0572e14f8ffa80b4d96c1b2627b
SHA512

fe3af92382a3cc18f2dc1d5891880cf362f8826a54c1a0a3f3b714e6f2f4647b0823728e476b4e9c806654f891a11aa45d4a5b71ac75d7026ad75b78a0932c3e
SSDEEP

1536:rVc/OSY309GIIbVNGAkg4g85eSlqygC97AseZxd85apCUToMBkHGfJBwdD7XIlTE:rVc/0kG9lOed5ZxC5uFaSBw+EuC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/disowning.exe

Files

43f2bd25874e4ecb4c701829f303fe0b_JaffaCakes118
.eml
- https://efiltry.pl/
DES2021PDF.tar
.tar
disowning.exe
.exe windows:4 windows x86 arch:x86

2dd2089538cdf18361d55a0fb9587325

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaHresultCheck
__vbaVarMove
__vbaFreeVar
__vbaAryMove
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord512
__vbaFreeObjList
_adj_fprem1
__vbaHresultCheckObj
ord556
_adj_fdiv_m32
ord559
__vbaAryDestruct
ord591
__vbaLateMemSt
__vbaVarForInit
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
ord702
_adj_fdivr_m16i
ord703
ord522
__vbaFpR8
_CIsin
ord709
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
ord561
ord564
_adj_fpatan
ord674
ord568
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaVarErrI4
__vbaFPException
_CIlog
__vbaNew2
__vbaVar2Vec
ord570
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord680
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
ord689
__vbaVarDup
ord613
ord616
__vbaLateMemCallLd
_CIatan
__vbaStrMove
__vbaCastObj
_allmul
__vbaLateIdSt
ord545
_CItan
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt
email-plain-3.txt

Sharing

General

Malware Config

Signatures

Files

2dd2089538cdf18361d55a0fb9587325

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 112KB - Virtual size: 110KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 112KB - Virtual size: 110KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 4KB - Virtual size: 2KB