214f01bf8bf817e8bcf56e8da3f589b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

214f01bf8bf817e8bcf56e8da3f589b5_JaffaCakes118
Size

656KB
MD5

214f01bf8bf817e8bcf56e8da3f589b5
SHA1

052c8ae3d51c27764a97ce3c2395002bf4be0662
SHA256

b0284b0cad6039a15a23a737135002378bf5c403f4639f6da8aa9d0d5a9923d3
SHA512

73fc1ac86c4297400450a45f787c2e5a6b79aeb8092fc463c80e1c50bc1d09751d2df367fa14358c48f15941583bdb26b1c424b58e855627bcd7dd99268bcf53
SSDEEP

6144:RbQWg22ERTJKf3w8di6sACRZa077jX3R69WaOTMkzQiwNgMd5pSMOsfvWdk0hWZn:rJ2/1sAC3ak7RSBIMn3NgMcsmdOsjT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
214f01bf8bf817e8bcf56e8da3f589b5_JaffaCakes118

Files

214f01bf8bf817e8bcf56e8da3f589b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fddc55dace92050b738e455b5b099f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord693
ord517
ord661
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord562
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord685
ord100
ord610
ord617
ord542
ord546
ord581

Sections

.text
Size: 636KB - Virtual size: 634KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ