b691275358639ee9d90eb5e6c2bc4f30_JaffaCakes118

General

Target

b691275358639ee9d90eb5e6c2bc4f30_JaffaCakes118
Size

35KB
MD5

b691275358639ee9d90eb5e6c2bc4f30
SHA1

0e490d70ea44eb683ad91544c463af972ded54d0
SHA256

40bd240f7921486a41e476e0220a7d9f311907f476407e46ddbaa414a4b87f43
SHA512

5404c11d64537dc795278fe9da84d0a96c3d33cc138c52272d110f377b3ba3fccebef8c57e07bf2c75c13dabf2c01de29d888556a5f27f5e9e3527179493050e
SSDEEP

384:PLuuP95n/oGnR8wGYxxs00TNsLUGFF3E3rvnz37m8cTVK4TejQms8TyrYAEjs1C9:no6iw3xt0ch83rCK1QLHEj0ai8WNg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VbsWc08.exe

Files

b691275358639ee9d90eb5e6c2bc4f30_JaffaCakes118
.zip
Readme.txt
VbsWc08.exe
.exe windows:4 windows x86 arch:x86

a77d1be7146c235ae98711168b2adfe0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLateIdCall
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord625
__vbaVarCmpNe
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
ord593
ord594
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaBoolVarNull
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarAdd
__vbaVarDup
__vbaVarCopy
__vbaLateMemCallLd
_CIatan
__vbaStrMove
ord619
__vbaStrVarCopy
_allmul
__vbaLateIdSt
_CItan
__vbaFPInt
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a77d1be7146c235ae98711168b2adfe0

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 89KB - Virtual size: 88KB

.data Size: 512B - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 89KB - Virtual size: 88KB

.data
Size: 512B - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB