00b13a7cbcd7491ac5778c1bf694381e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00b13a7cbcd7491ac5778c1bf694381e_JaffaCakes118
Size

392KB
MD5

00b13a7cbcd7491ac5778c1bf694381e
SHA1

c72074f66b6e10b6b6711eb8676d9049c28ace00
SHA256

2ab7a94ed3015eef946f3e9ce0d3c70a255fa39b52633ccca3836d614ff19629
SHA512

e301596f05e2fcc8e45e7ff88c85e578f520b8c3b282cebe01418ee9c95f129e0f054deecf3d38a7cbca6a70583d029d6bd375f4340444890a0c3bc757697765
SSDEEP

3072:rlDUVZAzA3b4jTFSAwnQA3C6+tbDYs4V+m6OQHSwj3+xRBJlebSYTq5RSJUwQcY4:rlYVZiAwpdFDMUOemP5wJTPI0OvF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00b13a7cbcd7491ac5778c1bf694381e_JaffaCakes118

Files

00b13a7cbcd7491ac5778c1bf694381e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

accb403fcdeb0978e6cafe8d669bae7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
ord588
ord698
MethCallEngine
EVENT_SINK_Invoke
ord516
ord518
ord519
Zombie_GetTypeInfo
ord592
ord300
ord301
ord595
ord306
ord520
ord307
ord523
ord524
ord631
ord525
ord632
EVENT_SINK_AddRef
ord527
ord528
ord529
ord560
ord561
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord606
ord607
ord714
ord608
ord716
ord717
ord319
ProcCallEngine
ord535
ord537
ord645
ord648
ord572
ord681
ord685
ord101
ord102
ord103
ord104
ord105
ord320
ord321
ord616
ord618
ord619
ord546
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 328KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ