9aed167e10c4c62012e48d4db31dac61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9aed167e10c4c62012e48d4db31dac61_JaffaCakes118
Size

508KB
MD5

9aed167e10c4c62012e48d4db31dac61
SHA1

a464d8516327559d706606379b001d2da0077991
SHA256

21654d95c2cf288dde5339db5416c9cf9b3c56d35ac145e5b04d2bc55fbcb429
SHA512

149b41282e33189084b92dc3feb70a5514ef96af0cba4309c01a0d03ac3908ec82fa3a8a3b533b7a7bacc7f681ab12fed9a1bf81dfbc9c8958ddfea6bc42790a
SSDEEP

6144:FEKXgC5LeuPyy9aQngIygHUq6C4O8F5SQxn5g22h+YZYL:FHT5K4yYaQn/N0qlQSQzg1Lw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aed167e10c4c62012e48d4db31dac61_JaffaCakes118

Files

9aed167e10c4c62012e48d4db31dac61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee4e17b38ecefcf29dbb4723ce20a1b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord661
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord646
ord100
ord610
ord613

Sections

.text
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ