2992178cb740ea43955f7433f5e77c21_JaffaCakes118

General

Target

2992178cb740ea43955f7433f5e77c21_JaffaCakes118
Size

1.3MB
MD5

2992178cb740ea43955f7433f5e77c21
SHA1

122a8c135c75163c05548a8e8cda44dfa639670e
SHA256

661f57267217c0ddb0f894df6fb6ba6cbe61a56e68aa6cd000d000209a164778
SHA512

e0e27b08e6a51200415ceb2625f8008bd77a38fcdeb60e56a5eaaf8e8e34db983b11320719423fb4e35d56583289eb452b466b81841528e1b1653cbf352a41dc
SSDEEP

3072:OHZXw7l1Qq/xnYSyTRVCBn22q1WEoCxVpU2Yrs1TCmTBt9mHsggmyodpz0kOEe6Q:N7WpoWHjX8W6oSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2992178cb740ea43955f7433f5e77c21_JaffaCakes118

Files

2992178cb740ea43955f7433f5e77c21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85c540b88e3f192a880bca987909f6cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

DllFunctionCall
EVENT_SINK_AddRef
EVENT_SINK_QueryInterface
EVENT_SINK_Release
ThunRTMain
VarPtr
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryUnlock
__vbaChkstk
__vbaErase
__vbaErrorOverflow
__vbaExceptHandler
__vbaFPException
__vbaFpI4
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaGenerateBoundsError
__vbaHresultCheckObj
__vbaI2Str
__vbaI4ErrVar
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaLenBstr
__vbaLenBstrB
__vbaNew2
__vbaObjSetAddref
__vbaOnError
__vbaR8ErrVar
__vbaRecAnsiToUni
__vbaRecUniToAnsi
__vbaRedim
__vbaSetSystemError
__vbaStrCat
__vbaStrCmp
__vbaStrCopy
__vbaStrMove
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1I2
__vbaUI1I4
__vbaUbound
__vbaVarCat
__vbaVarIndexLoad
__vbaVarMove
__vbaVarVargNofree
__vbaVarZero
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtcBstrFromAnsi
rtcCharValueBstr
rtcImmediateIf
rtcMidBstr
rtcMidCharVar
rtcRandomNext
rtcReplace
rtcSplit
rtcVarBstrFromAnsi

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85c540b88e3f192a880bca987909f6cc

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB