addb13755e53e50f9da15f0573152b35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

addb13755e53e50f9da15f0573152b35_JaffaCakes118
Size

456KB
MD5

addb13755e53e50f9da15f0573152b35
SHA1

31c80e2b368cab8794bfbe5d01f9bbde849bad33
SHA256

852cd391dcd3883480c7ecf73298af76ec776a47aef4e114ef4b2c5a0a4ca831
SHA512

d45901cdd97b7a36675e43977a1eabaf13658151f77d0d617e2da472f632a63422d12d67814e73d094e75f6a1b8f962056bda3be5aeda974d0ec0739abaae5c3
SSDEEP

6144:qwGPxSNqk609O2Sf1RbBnNUGVulTHwQa1MB3eNaKzq+cnaEn668Zn/fhq8xS:mP0f9fKSGVIQQa1X4KW+YaE66i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
addb13755e53e50f9da15f0573152b35_JaffaCakes118

Files

addb13755e53e50f9da15f0573152b35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d14aff85b011a6b89546de74573a7cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord694
ord589
ord698
MethCallEngine
ord517
ord519
ord666
ord595
ord522
ord523
ord631
ord526
EVENT_SINK_AddRef
ord527
DllFunctionCall
ord673
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord714
ProcCallEngine
ord645
ord647
ord574
ord685
ord100

Sections

.text
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ