d44c4d74eab8a26278e5e027940b9b6b_JaffaCakes118

General

Target

d44c4d74eab8a26278e5e027940b9b6b_JaffaCakes118
Size

136KB
MD5

d44c4d74eab8a26278e5e027940b9b6b
SHA1

8fcd266f8ad146285da1f1bf4560a52022ea0e12
SHA256

03d20a99f90d609f3dcb21c89d996f641fae0e1657a6bb147b2106c7d5705827
SHA512

0eb9dc5b7f43635ece3768669f17e92d3943fac82d437c18da30db1e3e76fd905d99769a15540054c7ffdb60bd50d2a86327b6b5891418a5fd6dc8b4465f32e5
SSDEEP

3072:HcY2MnUstI5Ag7O40TqzMwvmjw5emJYSu+RvNgCy:Hv2mt+/7OdThwus5emGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d44c4d74eab8a26278e5e027940b9b6b_JaffaCakes118

Files

d44c4d74eab8a26278e5e027940b9b6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3c113a622a3414547ebb063807894d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60.dll

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
ord59906
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord52428
ord608
ord716
__vbaFPException
__vbaInStrVar
ord717
__vbaStrVarVal
__vbaUbound
__vbaVarCat
__vbaLsetFixstrFree
__vbaI2Var
ord537
ord644
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaInStr
__vbaR8Str
__vbaNew2
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
ord681
__vbaI4Str
__vbaFreeStrList
ord576
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
ord579
__vbaVarSetVar
__vbaI4Var
__vbaVarLateMemStAd
__vbaLateMemCall
__vbaAryLock
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarMod
__vbaFpI4
__vbaVarLateMemCallLd
ord616
ord617
__vbaVarSetObjAddref
_CIatan
__vbaCastObj
ord618
__vbaUI1Str
__vbaStrMove
__vbaAryCopy
__vbaR8IntI4
__vbaStrVarCopy
ord619
__vbaForEachVar
_allmul
_CItan
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3c113a622a3414547ebb063807894d4

Headers

File Characteristics

Imports

msvbvm60.dll

Sections

.text Size: 124KB - Virtual size: 120KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1012B

.text
Size: 124KB - Virtual size: 120KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1012B