ff44d48468779a7c7314dcdd4189e0be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff44d48468779a7c7314dcdd4189e0be_JaffaCakes118
Size

192KB
MD5

ff44d48468779a7c7314dcdd4189e0be
SHA1

60daae6379448b009119d0363b47fd79ccebada0
SHA256

d546fe7789ddb59c60670b9362ca523c99dae9289b64c225009376efaf3e7d95
SHA512

e3ea317a7098a81957b5e9b13513b9b36ee6971cff54cc497e948493012cf7c0ec875ae63487933e142b048905d5a3d1c129825d1bcd0b5381eb61abd2ceb4f0
SSDEEP

3072:T17b0VqrbuseeYcQQhw/gm/+Brm81MWYPUJo0RQoNMqi2g+Mn//JSaK9tiGEx:hP2met44l/y3MeJo0RQMhc/xS5tGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff44d48468779a7c7314dcdd4189e0be_JaffaCakes118

Files

ff44d48468779a7c7314dcdd4189e0be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

570d4f298c94a4336f045d9a3fc9cff2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord621
ord516
ord595
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ