d48936c1978b36f0d529d3034ceb5361_JaffaCakes118

Reason

config extraction: GuloaderBin: guloader: invalid shellcode

General

Target

d48936c1978b36f0d529d3034ceb5361_JaffaCakes118
Size

24KB
MD5

d48936c1978b36f0d529d3034ceb5361
SHA1

ec8df712da8a973c0a49ad2c28e22c9bf1fd2725
SHA256

fcf214c908eca05b55c1ba9c9330f519ac0f58f63bf3460aac71a68845d441ef
SHA512

2f5e1a3e28ca501373cfa6e492fdff32dec5794a43ed83d143a21e68c1c340ee4bbabf3c65add99c3dcfc5d56d687192965d10ef13c8bc3bc791fe1e2129f3d7
SSDEEP

384:tgtjiB7cFVhyh4RsCODlEa7SyFLG2K78IJ2kbaQiqLW74kq9ZUw/w8:Ck2VhiosCaKj7Lxu4D57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/567865678876.exe

Files

d48936c1978b36f0d529d3034ceb5361_JaffaCakes118
.rar
567865678876.exe
.exe windows:4 windows x86 arch:x86

481c31fe362303bbf28b10f421e1c9c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaCyForInit
_CIcos
_adj_fptan
__vbaVarMove
ord692
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
ord552
__vbaHresultCheckObj
ord664
_adj_fdiv_m32
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarTstLt
__vbaFpR8
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaCyI2
__vbaStrCmp
__vbaObjVar
_adj_fpatan
__vbaLateIdCallLd
ord677
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord714
__vbaFPException
__vbaStrVarVal
__vbaCyForNext
_CIlog
ord539
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
ord689
ord610
__vbaVarAdd
__vbaLateMemCall
__vbaVarDup
ord612
_CIatan
__vbaStrMove
__vbaCastObj
_allmul
_CItan
_CIexp
__vbaStrCy
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

481c31fe362303bbf28b10f421e1c9c5

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 68KB - Virtual size: 64KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 64KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB