cf0a2f9f2af984f5b955ee9fa89866c9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf0a2f9f2af984f5b955ee9fa89866c9_JaffaCakes118
Size

375KB
MD5

cf0a2f9f2af984f5b955ee9fa89866c9
SHA1

bcb07f2e0d11e62c5926b3063d6f004abb5c5f5d
SHA256

a6a4a7a5af2ca6e4a880668901c8d68b78ac6000ebebdcb31e56ab881b449a4f
SHA512

ba654850b6cadc8773449645c3f429182a513764ab0c1c371378fb9b367bf524842058cd8755d2b1c974c99eac8a65bfaa7aa3599f911a88e3e4020744ba7e12
SSDEEP

6144:2aN8rBfdQ+VLsKn26WxTPS6PkVWeWbWOozl+ANc/69RRPp3EBuxl:2a45lpZWU68VlfOozm69DeBuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf0a2f9f2af984f5b955ee9fa89866c9_JaffaCakes118

Files

cf0a2f9f2af984f5b955ee9fa89866c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0ea91f03d6f2565983551d95e7570cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
rtcSaveSetting
rtcVarBstrFromByte
rtcRgb
rtcCharValueBstr
rtcVarBstrFromChar
MethCallEngine
EVENT_SINK_Invoke
rtcAnsiValueBstr
rtcLowerCaseBstr
rtcLowerCaseVar
rtcTrimBstr
rtcMidVar
rtcGetDayOfWeek
rtcVarFromFormatVar
rtcGetYear
rtcDateAdd
rtcDateDiff
rtcIsEmpty
Zombie_GetTypeInfo
rtcRandomNext
GetMem2
rtcRandomize
GetMem4
rtcMsgBox
GetMem8
rtcInputBox
GetMemStr
rtcDoEvents
rtcSendKeys
PutMem2
rtcTrimVar
PutMem4
PutMem8
PutMemStr
rtcMidCharBstr
rtcMidCharVar
rtcSpaceBstr
EVENT_SINK_AddRef
rtcKillFiles
rtcIsNumeric
DllFunctionCall
rtcFileLocation
Zombie_GetTypeInfoCount
EVENT_SINK_Release
rtcShell
EVENT_SINK_QueryInterface
__vbaExceptHandler
rtcSplit
rtcReplace
rtcStringBstr
rtcVarBstrFromAnsi
rtcCreateObject2
rtcMakeDir
rtcStrConvVar2
GetMemEvent
ProcCallEngine
rtcGetTimer
rtcBstrFromAnsi
VarPtr
rtcPackDate
rtcDir
rtcFileLength
rtcFreeFile
rtcEndOfFile
rtcHexVarFromVar
rtcImmediateIf
rtcFileLen
rtcErrObj
ThunRTMain
rtcGetSetting
rtcGetDateVar
PutMemEvent
rtcGetTimeVar
SetMemEvent
rtcLeftCharBstr
rtcLeftCharVar
rtcRightCharBstr
rtcRightCharVar
rtcGetDayOfMonth
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetPresentDate
rtcGetSecondOfMinute
rtcR8ValFromBstr

kernel32

VirtualProtect
ExitProcess

Sections

.text
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrr
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE

.vmp1
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0ea91f03d6f2565983551d95e7570cc

Headers

File Characteristics

Imports

msvbvm60

kernel32

Sections

.text Size: - Virtual size: 512KB

.data Size: - Virtual size: 32KB

.rsrc Size: 26KB - Virtual size: 552KB

.aspack Size: - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

rsrr Size: - Virtual size: 8KB

.idata2 Size: - Virtual size: 4KB

.idata2 Size: - Virtual size: 4KB

.mackt Size: - Virtual size: 4KB

.vmp0 Size: - Virtual size: 11KB

.vmp1 Size: 344KB - Virtual size: 344KB

.reloc Size: 512B - Virtual size: 96B

.text
Size: - Virtual size: 512KB

.data
Size: - Virtual size: 32KB

.rsrc
Size: 26KB - Virtual size: 552KB

.aspack
Size: - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

rsrr
Size: - Virtual size: 8KB

.idata2
Size: - Virtual size: 4KB

.idata2
Size: - Virtual size: 4KB

.mackt
Size: - Virtual size: 4KB

.vmp0
Size: - Virtual size: 11KB

.vmp1
Size: 344KB - Virtual size: 344KB

.reloc
Size: 512B - Virtual size: 96B