eb972937b811279283b04188e5d72bb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb972937b811279283b04188e5d72bb7_JaffaCakes118
Size

508KB
MD5

eb972937b811279283b04188e5d72bb7
SHA1

d6556fae5af7edfaeb0377518e9d880f6ba6b892
SHA256

6d83ecec7fc0d93b8523f9a63d04229eec364184d43df08886b7e1efdff61aa8
SHA512

8af30a61040f328ceefcf3a28845c20f532a48cee715941868abc0530ec3a1d43bc56d7cd5a1c05de6602d64de4e1a6117077de8e0b1a9e77670bbc226dded82
SSDEEP

6144:/vgZ0uTOvVpJrW8LXEpfJHAzRyOweWH6NFX3tNs+EuVqBJcFlDGqnN8F5C+J5G7f:/nuTUbP+HxeWuV3fXEQGo8FfXG7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb972937b811279283b04188e5d72bb7_JaffaCakes118

Files

eb972937b811279283b04188e5d72bb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0150342cab57b8bf999afa3514cc0c60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

expsrv

DllFunctionCall

msvbvm60

ord632
ord526
DllFunctionCall
__vbaExceptHandler
ord712
ProcCallEngine
ord644
ord100
BASIC_CLASS_AddRef

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 376KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ