1f1bfcce8368c20eda98e3e67985c8fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f1bfcce8368c20eda98e3e67985c8fc_JaffaCakes118
Size

231KB
MD5

1f1bfcce8368c20eda98e3e67985c8fc
SHA1

da2d2100c930f7166d77f7ac0b4c7ad2e181b7c2
SHA256

fdf793520058c0b79e2ba20839389b239fe6e5e76f8a97d7c2b5d7f40afdfbca
SHA512

66b786386c35d6b4b5fabf16249ca6605e6b3bb0d1e08584357b1b2eed5c429c61f36537bb0873bdde739b2e5d2d50314220e4f3b2884c8e961c33799a18c73e
SSDEEP

6144:6D14UP18jouCQIMTfxKCvJZfjcU9H8oT6ilKl1GZxQ:u4yvQIM9vkUuoT6ia1+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NEW PURCHASE ORDER#10.exe

Files

1f1bfcce8368c20eda98e3e67985c8fc_JaffaCakes118
.7z
NEW PURCHASE ORDER#10.exe
.exe windows:4 windows x86 arch:x86

b1b4f72b982dc3ea85f948007bccab44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord695
ord589
MethCallEngine
ord518
ord666
ord593
ord595
ord520
ord631
ord524
EVENT_SINK_AddRef
ord528
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord646
ord685
ord100

Sections

.text
Size: 644KB - Virtual size: 641KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ