a214a7e6db356ec8fb55522d6e1543c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a214a7e6db356ec8fb55522d6e1543c4_JaffaCakes118
Size

2.4MB
MD5

a214a7e6db356ec8fb55522d6e1543c4
SHA1

f96b4d17b17317feb3a86b92e504e76e266f5628
SHA256

454d6f0120a95bfb774156fb549d99f80ee92e45e08f5191f0abbf866cc13733
SHA512

ad495bdf3a1003eb9c088bd7cde705d00a9039fb5f34a94be57fb31617d6ab642613059ac2e3159a4e0201c9a044de306f3d9a28a38feabad07276db371bab41
SSDEEP

49152:oAgqW/Qj6LXqSEXp/HOwGJWY8aA954MXKRH+8wPb1MBHU9naf532ZG:oAm/BAMSY8ZXyRH+8mWIq532Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack002/UnZoom.exe
unpack002/Zoom.exe
unpack003/UnZoom.exe
unpack003/Zoom.exe

Files

a214a7e6db356ec8fb55522d6e1543c4_JaffaCakes118
.zip
Zoom Accessibility.zip
.zip
File_id.diz
Guide.hlp
Readme.txt
UnZoom.exe
.exe windows:4 windows x86 arch:x86

76fe6dc560c8ed5fc320aef6e698749a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord525
__vbaChkstk
EVENT_SINK_AddRef
ord529
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
ord608
__vbaFPException
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaStrToAnsi
__vbaVarCopy
ord616
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zoom.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 654KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Zoom Graphic & Accessibility.txt
Zoom Graphic.zip
.zip
File_id.diz
Guide.hlp
Readme.txt
UnZoom.exe
.exe windows:4 windows x86 arch:x86

2232b7c2950fa2b8676ef2b0ca77820d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord595
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVarNull
_CIsin
ord525
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord529
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
ord608
ord531
__vbaFPException
ord532
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaStrToAnsi
__vbaVarCopy
ord616
ord617
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zoom.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.6MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 91KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76fe6dc560c8ed5fc320aef6e698749a

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

Headers

File Characteristics

Sections

Size: 654KB - Virtual size: 3.0MB

Size: 12KB - Virtual size: 44KB

Size: - Virtual size: 268KB

. Size: 6KB - Virtual size: 5KB

2232b7c2950fa2b8676ef2b0ca77820d

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

Headers

File Characteristics

Sections

Size: 1.6MB - Virtual size: 8.0MB

. Size: 91KB - Virtual size: 400KB

Size: - Virtual size: 632KB

Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB

.
Size: 6KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB

.
Size: 91KB - Virtual size: 400KB