f7f237b078647bf54340c8df3db11941_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7f237b078647bf54340c8df3db11941_JaffaCakes118
Size

216KB
MD5

f7f237b078647bf54340c8df3db11941
SHA1

e1832dad2b5270c38fab726dece7f7fd24a95eec
SHA256

53b1215a33954b7133c46b11c466a15204c5ecf7a6339359f2c484c4cfd5518a
SHA512

5bdcf24bb13911d81c1754c61dcdb8ea2de82e3880ad0c968b3f41dbfdad124ce4b65016fb81e1793976d9f44bb68d0f8800bcc59047719e387b07aac92f201b
SSDEEP

1536:ya7bFkyoR9W7fViDINhIUB3a6vmS4n909J5ebJohA3Q41dLfOVn6FK3uX3gsckmh:0W7YOCqa6injbJpA4njO56FK3mpm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7f237b078647bf54340c8df3db11941_JaffaCakes118

Files

f7f237b078647bf54340c8df3db11941_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdaf33d306518451e91b8cd437fffa72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord187
ord556
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord605
ord607
ord608
ord532
ord717
ProcCallEngine
ord537
ord644
ord573
ord681
ord685
ord100
ord616
ord431
ord617

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ