8ff960047e92bcfb9a6c8729a0455245_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ff960047e92bcfb9a6c8729a0455245_JaffaCakes118
Size

502KB
MD5

8ff960047e92bcfb9a6c8729a0455245
SHA1

621545cc9dc698ba1f41d05f2aa3f2ad2dc2426c
SHA256

fd66f11d7036ba4d40ad2a3d104a8f7d355659ec4092cdc51559e3f4a197d6e7
SHA512

de7b712783b07e8f28e4ea36ef2d4701281b963646f953ca94cf39380bb6d503de764bbf775dc836a88600768c33611bba2dc284cc3552260307ee95e99c7815
SSDEEP

6144:XfTpw34bcnx6oh5KgLbZnen0Pj9DP2w0VN/hSAwAHzh1uoDPyO0G+tA7ckE:XflYtKanPhDO/N/hRRHzh1uoDlrckE

Score

1^/10

Malware Config

Signatures

Files

8ff960047e92bcfb9a6c8729a0455245_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69d66f22779e18d63ce32dd3e92fe1df

Code Sign

01
Certificate

Issuer

CN=Mars station complex mix solvent catalyst,O=Mars space corporation (c) reserved 2015\ ,C=UK

Not Before

27/02/2019, 07:27

Not After

26/02/2022, 07:27

Subject

CN=Mars station complex mix solvent catalyst,O=Mars space corporation (c) reserved 2015\ ,C=UK

98:70:cc:a6:ff:4b:57:65:92:9f:d5:17:ba:2d:f3:74:c3:85:58:a2:fb:ff:10:b6:92:64:ac:99:2e:21:45:e3
Signer

Actual PE Digest

98:70:cc:a6:ff:4b:57:65:92:9f:d5:17:ba:2d:f3:74:c3:85:58:a2:fb:ff:10:b6:92:64:ac:99:2e:21:45:e3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord583
MethCallEngine
ord629
ord595
ord526
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ