f5183694cedceb8fa9fe200fe402e37c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5183694cedceb8fa9fe200fe402e37c_JaffaCakes118
Size

331KB
MD5

f5183694cedceb8fa9fe200fe402e37c
SHA1

59248d979e89d97c678a02af10224491e6a7d023
SHA256

ba8d9f9c27cade54fa40af0be36c74f3b159fad7e06f6b0d2edf3a78068442fc
SHA512

5580ed186ca5db4cda05ee814a27f683e724de8b8e393321843a2316f718322584704d15d8f0b16f937aed90bb1b0785e0a4448ba5d52f8815136479b4e0dd29
SSDEEP

6144:BQoWFjM3TCrQPDRPYS0hwPcH48SdxwB/LnBmL20LOX6WwfRc:uFjM35DRASFPcH48IxunBmO6D5c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/RFQ_QUOTE_PDF.exe

Files

f5183694cedceb8fa9fe200fe402e37c_JaffaCakes118
.eml
- http://www.kyong.co.kr/
RFQ_QUOTE_PDF.rar
.ace
out.ace
.ace
RFQ_QUOTE_PDF.exe
.exe windows:4 windows x86 arch:x86

98b3eef9cdeaf58a9da8ee51eccb10fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
ord698
__vbaFreeObjList
ord517
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
ord661
__vbaHresultCheckObj
_adj_fdiv_m32
ord591
__vbaOnError
_adj_fdiv_m16i
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarTstLt
_CIsin
ord631
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaVarAbs
__vbaStrCmp
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
ord675
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
ord608
ord609
__vbaFPException
_CIlog
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
_CIatan
ord618
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt

Sharing

General

Malware Config

Signatures

Files

98b3eef9cdeaf58a9da8ee51eccb10fb

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 452KB - Virtual size: 450KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 452KB - Virtual size: 450KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 24KB - Virtual size: 21KB