JaffaCakes118_eb3ae94748dd1fd4630585613ae25c5f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_eb3ae94748dd1fd4630585613ae25c5f
Size

152KB
MD5

eb3ae94748dd1fd4630585613ae25c5f
SHA1

92573dd8bf895ec80f97e2fb3dc3d7c3ed5d2d04
SHA256

092ee9258cae9bbe4f3c7fc08d672ea2d1c96af6f95a19b66ce31c40dd805a78
SHA512

9d0c4d557ff9482a146b35d3776bf43ceaf7a4fff6d0795022a78fc113475224e3cd6e6a48207fbee66596d2a4e1550f41ec6c81ec68dcfcf90930b348141bd4
SSDEEP

1536:yoPwKzbw6Mrx1oi1YbL3+lAfH6R++bHGLqUO1tD1BhKWPWny951YFfYaC0KdNUje:1bIoi12Lz6xhso1YQ0gNdKMi/2mcp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Oferta HOM 344210922_SP_10_22_2021.exe

Files

JaffaCakes118_eb3ae94748dd1fd4630585613ae25c5f
.eml
- https://t-eu.xink.io/Tracking/Index/DCEAAKh2AADe-FAA0
- https://t-eu.xink.io/Tracking/Index/DSEAAKh2AADe-FAA0
- https://t-eu.xink.io/Tracking/Index/DiEAAKh2AADe-FAA0
- https://t-eu.xink.io/Tracking/Index/DyEAAKh2AADe-FAA0
- https://t-eu.xink.io/Tracking/Index/ECEAAKh2AADe-FAA0
- https://www.gea.com/en/index.jsp?utm_source=default-signature&utm_medium=link&utm_campaign=email-signature
- https://www.gea.com/en/index.jsp?utm_source=default-signature&utm_medium=logo&utm_campaign=email-signature
- https://www.gea.com/en/info/legal/confidentiality-notice/index.jsp?utm_source=default-signature&utm_medium=confidentiality-notice&utm_campaign=email-signature
- https://www.gea.com/en/info/legal/privacy-policy/index.jsp?utm_source=default-signature&utm_medium=privacy-notice&utm_campaign=email-signature
Oferta HOM 344210922_SP_10_22_2021.gz
.gz
Oferta HOM 344210922_SP_10_22_2021.exe
.exe windows:4 windows x86 arch:x86

9a680a4ab9f2f92c6ce20903d7caa304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord703
ord705
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFailedFriend
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaStrToAnsi
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
ord544
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
attachment-2
.js
email-html-1.txt
.html

Sharing

General

Malware Config

Signatures

Files

9a680a4ab9f2f92c6ce20903d7caa304

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 96KB - Virtual size: 92KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 4KB

We care about your privacy.

.text
Size: 96KB - Virtual size: 92KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 4KB