4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118
Size

127KB
MD5

4447e2e0dcfa90605dacc52323cfc08a
SHA1

18fe3e39add56c3405be72dc3e93a3789865bf28
SHA256

d6efc4dc4ff5e2a1783244679b88113be619bb41f1773786a73849f9be651614
SHA512

42eb52596ad838ec3cdade20f51adcd4836ff76c0b1aa0c19bc10981acbce7a48af0e1dc3837b70407c82c61bcd6407d0712bea8d9d5b61208dbc7559e755752
SSDEEP

3072:EC7AC7zC7jnVrT2QytC7zC7AC7nX6y9oFUCz:ECECvCECvCECmzFLz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118

Files

4447e2e0dcfa90605dacc52323cfc08a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdcd76d1ac5697a0dbd882afacb1d116

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord593
ord300
ord594
ord595
ord303
ord598
ord599
ord306
ord309
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord716
ord717
ProcCallEngine
ord537
ord645
ord648
ord570
ord571
ord573
ord685
ord100
ord689
ord612
ord616
ord617
ord619
ord581

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ