abf923f9e5ad3b9da1c2a047cf9a1cbe_JaffaCakes118 | Triage

Sharing

General

Target

abf923f9e5ad3b9da1c2a047cf9a1cbe_JaffaCakes118
Size

66KB
MD5

abf923f9e5ad3b9da1c2a047cf9a1cbe
SHA1

093e7677bd0a44768224ed1342c96194a69b17d4
SHA256

2825e447a2f32a71f92b4e3bc379c6618643b6cc2f873df28932396c636c0771
SHA512

59998004ae4edb92c0a755d854345f43e73793d572b35a4a8399f2acab887fea2c8d9290d23a24baddf8796a74f809e46614cbf8e5994cf05a0afdd56be4e476
SSDEEP

1536:9VkpfeRHOeuJi9U0iVdiuJIDiJ3zhAl7HS4iHKSxOu9U:XNR+Ji9U0YddJKG3dAg4i5Oui

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/psat.exe

Files

abf923f9e5ad3b9da1c2a047cf9a1cbe_JaffaCakes118
.zip
conf.ini
psat.exe
.exe windows:4 windows x86 arch:x86

c485af5948005318a27363811ec4b7d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord660
ord595
ord598
ord520
ord631
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ProcCallEngine
ord537
ord571
ord685
ord100
ord610
ord650
ord581

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ