60433c405316e7c96989b1f4c6dc8b15_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

60433c405316e7c96989b1f4c6dc8b15_JaffaCakes118
Size

21KB
MD5

60433c405316e7c96989b1f4c6dc8b15
SHA1

28fac93b405583bfb9c2728c328db4a22d07f581
SHA256

4926b94032ce76d204b1004a1aefdf6c2e41bf8d50e080937bd7808b4a8ab828
SHA512

d5aa1536ceae3dfaad4e863240d34eb41df392cbeedb6d62f8ec1b38a0ca654f8507dab1cf738026ec9f6bba4ae303178f19f9b939bb3178151eb9f3701241af
SSDEEP

384:4gz1sHornIeGf1dXSOLDVYAsL/aEszxl0BHDg+yrdUL9EogdfKhA2:4gz7LIek1IOVY9CES4U+aCLZYKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RTF.exe

Files

60433c405316e7c96989b1f4c6dc8b15_JaffaCakes118
.rar
Form1.frm
.vbs
Form1.frx
Form1.log
Form2.frm
Form3.frm
Form3.frx
Form4.frm
Form4.frx
Icon.ico
Project1.vbp
Project1.vbw
RTF.exe
.exe windows:4 windows x86 arch:x86

ae40e88b136e7e84e9029882edfdaf97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaVarForInit
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaBoolVar
_CIsin
ord631
__vbaChkstk
EVENT_SINK_AddRef
ord528
__vbaVarTstEq
__vbaI2I4
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarCmpEq
__vbaVarAdd
__vbaVarDup
__vbaVarCopy
_CIatan
__vbaStrMove
ord618
__vbaStrVarCopy
_allmul
__vbaLateIdSt
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

ae40e88b136e7e84e9029882edfdaf97

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 512B - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 512B - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB