8b61fb3660fd1656e775a72eed95cea4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b61fb3660fd1656e775a72eed95cea4_JaffaCakes118
Size

15KB
MD5

8b61fb3660fd1656e775a72eed95cea4
SHA1

dc936f475b2e434e87c05ca45c0eff5450edd54b
SHA256

aca2a1f61f063e509b0106e7f0406efc2c86e5fa58f447530913589e0c88559e
SHA512

a6129dc3c67067a345e309a83fed7919e07e50d54a32f5e771b7b9ecdc7043303999c85ed8808dddb678101e06fce3fef909494f8c087d4c0c397dba3cfa2497
SSDEEP

384:j8J/11uj0frWw5/wQIkd3AfJaCC5XGR3nWsnA:+/g0DrvdwJarJsnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/server/server.exe

Files

8b61fb3660fd1656e775a72eed95cea4_JaffaCakes118
.rar
client/Form1.frm
.vbs
client/Form1.frx
client/Module1.bas
client/Project1.PDM
client/Project1.vbp
client/Project1.vbw
client/下载说明.htm
.html .js polyglot
server/Form1.frm
.vbs
server/Form1.frx
server/Project1.vbp
server/Project1.vbw
server/server.exe
.exe windows:4 windows x86 arch:x86

627fa6d74bc6d777e5a7e69a87462025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarForInit
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
__vbaRedimPreserve
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
_CIatan
__vbaStrMove
__vbaStrVarCopy
_allmul
_CItan
ord546
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
server/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

627fa6d74bc6d777e5a7e69a87462025

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB