cybergate | 5c0e477f045776cb9b1055135dbfaa40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c0e477f045776cb9b1055135dbfaa40_JaffaCakes118
Size

2.1MB
MD5

5c0e477f045776cb9b1055135dbfaa40
SHA1

bdf4eaad4d831570b4d1c6dbdafecc4de26a99c9
SHA256

f642c2848f5bcf8d9e0669741459e99c74c22cecc03c56e6733e2623d5575300
SHA512

7ee9ddc8515da355a67f1dd2bc35a5ac64ec0280d0c423a8ccae7437c0f333339d47d9c302dd46795a85b43a6692968220c1a5db5c680667cb4f8dcc3a7b057d
SSDEEP

49152:JOK2lZmMFsebzFZvw0T2FZ5eUD+UowYd/DW0am/MMM:JOLl9Flz4dO5b6Hx

Score

10^/10

cybergate

Malware Config

Signatures

Cybergate family
cybergate

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c0e477f045776cb9b1055135dbfaa40_JaffaCakes118

Files

5c0e477f045776cb9b1055135dbfaa40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd31f201b9e6ab159eed34600d45f43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord593
ord594
ord632
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord712
ord608
ord716
ProcCallEngine
ord645
ord570
ord100
ord617
ord619

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ