cybergate | bf6cb717fcb024e7668592598b32ebec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf6cb717fcb024e7668592598b32ebec_JaffaCakes118
Size

353KB
MD5

bf6cb717fcb024e7668592598b32ebec
SHA1

97798afebc87e5006b874b0ba34c8d77859258c0
SHA256

b501a88bc7ef59905977a817c10dea64640a2c7237c57882359e87795d88b720
SHA512

af8df09696797efc5f7bf22342b901eec8c9218ba7eefe105b130afcb4148acaf315d04868ddd0e1cc56eb80ed53b661e5acc6c64b3a34989ab4c43e164988b2
SSDEEP

6144:dsj6PLmcD66RRjo5JGmrpQsK3FD2u270jupCJsCxCP:NScD663V92zkPaCxI

Score

10^/10

cybergate

Malware Config

Signatures

Cybergate family
cybergate

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf6cb717fcb024e7668592598b32ebec_JaffaCakes118

Files

bf6cb717fcb024e7668592598b32ebec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d78928e15060c49ab4a7a72994826c93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaFreeVarList
__vbaPut3
__vbaEnd
_adj_fdiv_m64
ord621
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaVarCat
__vbaFileSeek
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord570
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ