d73f43b12b23c4d3ce4060b2e2d085e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d73f43b12b23c4d3ce4060b2e2d085e3_JaffaCakes118
Size

55KB
MD5

d73f43b12b23c4d3ce4060b2e2d085e3
SHA1

bbe55f5f48e3f9bf0cd2cc8a5bb7ac59d44c1955
SHA256

399ccabf7f5c91c00ec5badffd0d51ce9b6128cb358f04f49caf6cef3fe8ab00
SHA512

25df8dd04e453b34183d5a2f4ace409af4d6ca9abc0cacb2f6968b7d4f7e1baf45a49c9ad818e053d3e765626fa39041f3b8c4b447b82c545fef0b4b307160fe
SSDEEP

1536:RkJZ4puRcbqZC9NxCI4jx3tEbxRIQyk0tP38ot9:Rkv4puRcbqZjI4g8FztPMor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SP-Shipping documents (draft) last revised -10-19-2021 INV-OBL.exe

Files

d73f43b12b23c4d3ce4060b2e2d085e3_JaffaCakes118
.lzh
SP-Shipping documents (draft) last revised -10-19-2021 INV-OBL.exe
.exe windows:4 windows x86 arch:x86

c066fd18a2f081783eedb8829532eed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
ord583
ord690
MethCallEngine
ord514
ord515
ord554
ord557
ord666
ord667
ord592
ord593
ord594
ord596
ord598
ord703
ord704
ord705
EVENT_SINK_AddRef
ord528
ord529
ord562
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord716
ord609
ord535
ord536
ord539
ord648
ord680
ord100
ord611
ord612
ord541

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ