e8a678a75c137c95397a77007f16cbf4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8a678a75c137c95397a77007f16cbf4_JaffaCakes118
Size

32KB
MD5

e8a678a75c137c95397a77007f16cbf4
SHA1

fde988f206101135144a84e0935f70295195ae98
SHA256

037496c7e44987229551d136d5cf5fa1fa5ed26b2ed6d5ac9a67a1f2e6a3fd0d
SHA512

dd62b23977b30f706c27ae22fdea8a5cafc395f3c4397af20b36b9dd6c9168770ae909707886f52fd22a293b87b5186d169b597bc9ff4791d875c7b3d65a2d1e
SSDEEP

768:OqoxGVi3uS2kx34EvzJhAvBeSty4JmwXO:Jfi3uSFx3XJhcO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8a678a75c137c95397a77007f16cbf4_JaffaCakes118

Files

e8a678a75c137c95397a77007f16cbf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ced852ae76bc3b87884d15824970522f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord593
ord594
ord595
ord598
ord631
ord632
ord526
ord561
DllFunctionCall
ord600
ord601
__vbaExceptHandler
ord713
ord608
ord716
ord717
ProcCallEngine
ord535
ord644
ord645
ord570
ord648
ord681
ord100
ord617
ord619

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ