7db485577e0001ef75dd31a9cf1a5fbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7db485577e0001ef75dd31a9cf1a5fbd_JaffaCakes118
Size

552KB
MD5

7db485577e0001ef75dd31a9cf1a5fbd
SHA1

5ecc1b5b3cf1ff59d3ebca3ab13eac4a314b3d2e
SHA256

9e2bb7d1507e0c1c49ca7ece12dd424667dd8982f735af45e615a5cc47008aed
SHA512

0ca4f12b0a8cba1248ca2bcadd5ba6c3f25f035279225e9826e09a4a076962d5fe63c74566288e359aca6b9bbf0b02b952d8831eed6c82c56b42eccb4854bda8
SSDEEP

12288:zJNkNy4mHZP4zDzJKVyOmkoNXGOoZONJC:NqtmHZPcRKvmkaXJoIvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7db485577e0001ef75dd31a9cf1a5fbd_JaffaCakes118

Files

7db485577e0001ef75dd31a9cf1a5fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6b18f85790436b1ae4ccf8d24fc4bf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
ord693
ord698
MethCallEngine
ord515
ord661
ord667
ord598
ord705
ord708
ord631
ord526
ord633
EVENT_SINK_AddRef
ord561
DllFunctionCall
ord672
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord531
ord537
ord646
ord647
ord571
ord574
ord575
ord684
ord685
ord100
ord610
ord616
ord617
ord619
ord542
ord580

Sections

.text
Size: 528KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ