53d04268e411d5f3bad7f846701ba869_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

53d04268e411d5f3bad7f846701ba869_JaffaCakes118
Size

292KB
MD5

53d04268e411d5f3bad7f846701ba869
SHA1

1f2198243a085b59ba2fb67c2d0c924189a18b2d
SHA256

7b243865aacba44d58c83f69bdf5aaf8af2bd9846fa52db9798806b0ba576c32
SHA512

c8fdfd47439a0e04c5cdeb3c22d7aefa094b83b5881cb3902d4dd585a4342d29e77943f41d4551cd96556b0040b17d76679189c57e3caadbf681bb5d0104ec6b
SSDEEP

3072:Z1PToWkBCJnggHQunRyJF67sMSooq1Jzxgg4wOJpTth:r1rUJFinPoIZC3pT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53d04268e411d5f3bad7f846701ba869_JaffaCakes118

Files

53d04268e411d5f3bad7f846701ba869_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4cf7197080537024c892cdbcbf9ddc3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaVarTtGt
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMovD
__vbaVarVargNofree
__vbaAryMovD
__vbaFreaV�r
__vbaLateIdCall
__vbaLenBstr
__vbaStrVarMovD
__vbaEnd
__vbaFreaV�rList
__vba ut3
_adj_fdiv_m64
__vba ut4
ord620
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaResumD
ord550
__vbaVarCmpNe
__vbaStrCat
ord660
__vbaLsNGFixt
__vbaSNGfF%M,B X-�
__vbaRecDBt uct
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTtLe
__vbaAryDBt uct
__vbaStrBool
__vbaExitH
__vbaVarForI
ord593
__vbaFileC��ALEAII__vbaObjSNG
__vbaObjSNG
__vbaOn X-�
ord595
_adj_fdiv_m16i
ord303
__vbaObjSNGA�uf
_adj_fdivr_m16i
ord598
__vbaFpR4:::__vbaStrFixt
ord599
__vbaStrFixt
ord309
__vbaFpR8
__vbaBoolVarNull��_CIsin
_CIsin
ord631
ord525
__vbaChk%Mk
ord526
__vbaFileC��
EVENT_SINK_AddRef
ord528
__vbaGenerateBhunds X-�
__vbaStrCmp
ord529
__vbaGet3
__vbaGet4
__vbaVarTtEq
__vba utOwn�4
__vbaR4Str
__vbaI2I4
__vba 1
DllFunctionCall
ord563
__vbaLbound
__vbaStrR4
__vbaRedimP�)�(/
_adj_fpatan
__vbaFixt Cnstruct
ord569
__vbaLateIdCallLd
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_"68
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaVarAnd
EVENT_SINK_Que�I $GKEE|
__vbaStr2Vec
__vbaStrUI1
__vbaVarMul
__vbaE��K��n>Qr
ord711
__vbaStrToUnicode
__vba 1
ord606
_adj_fprem
_adj_fdivr_m64
ord607
__vbaI2Str
__vbaVarDiv
ord608
ord531
__vbaFPE��K�af
ord717
__vbaInStrV�r
ord532
__vbaUbound
__vbaStrVarVal
__vbaGetOwn�4
__vbaVarCat
ord534
ord535
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
__vbaR8Str
ord648
ord570
__vbaVarI
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaI4Str
__vbaFreaStrList
ord576
_adj_fdivr_m32
__vba owerR8
_adj_fdiv_r
ord685
ord578
ord100
__vbaVarTtNe
ord579
__vbaI4V�r
ord689
__vbaVarCmpEq
ord610
__vbaAryL
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord612
__vbaFpI2
ord616
__vbaVarCopy
__vbaFpI4
ord617
_CIatan
__vbaStrMovD
__vbaCas
__vbaAryCopy
ord618
ord619
__vbaStrVarCopy
ord650
_allmul
ord651
__vbaLateIdSt
_CItan
__vbaAryUnl
__vbaFPI
__vbaVarForNext
ord548
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE

.��u
Size: 1878.3MB - Virtual size: 1878.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrcu
Size: 1878.3MB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cf7197080537024c892cdbcbf9ddc3f

Headers

DLL Characteristics

File Characteristics

Imports

msvbvm60

Sections

.text Size: 272KB - Virtual size: 271KB

.��u Size: 1878.3MB - Virtual size: 1878.3MB

.rsrcu Size: 1878.3MB - Virtual size: 1KB

.text
Size: 272KB - Virtual size: 271KB

.��u
Size: 1878.3MB - Virtual size: 1878.3MB

.rsrcu
Size: 1878.3MB - Virtual size: 1KB