79c9dba0e69eb8839d8a9d937a620dec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79c9dba0e69eb8839d8a9d937a620dec_JaffaCakes118
Size

73KB
MD5

79c9dba0e69eb8839d8a9d937a620dec
SHA1

330e05bf74155d704c7b5884e7ac554fe5c709cd
SHA256

6b486bd9b906e97afbe77431786674693b008d51cf428d4898c38008fe3385c0
SHA512

c5258c582d317c2d0d98ccb3a736c34dc66feb11ddd08a49365ced1298184063624c91374f776ee83b53c4eb3bf08a3d03b3fdf96653468e3c58472a0eb72d07
SSDEEP

1536:s1kAv6l9xGkoy2l+A2l8Ull5fWXUM4v7pr8LQL4wCGcxew+wC:EkAOGko6rmUfxbDLLcUEC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dhl_paket_388985613856699__ID__388890129248541HHK___GS_X__D05_06_2015___LKA07_17_15.exe

Files

79c9dba0e69eb8839d8a9d937a620dec_JaffaCakes118
.zip
dhl_paket_388985613856699__ID__388890129248541HHK___GS_X__D05_06_2015___LKA07_17_15.exe
.exe windows:4 windows x86 arch:x86

77793069cc6447ffce9542b629a30c2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord595
ord631
ord632
ord525
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord717
ProcCallEngine
ord537
ord645
ord570
ord573
ord685
ord100
ord617
ord650
ord581

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ