014b5acbee693a44596575c8846fbb16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

014b5acbee693a44596575c8846fbb16_JaffaCakes118
Size

100KB
MD5

014b5acbee693a44596575c8846fbb16
SHA1

d996a7469d6eaea0e5670bd7a924bbaf690c539a
SHA256

eee2a29dbf93b8e26a850158fd7e50add81173a36b5dce3422f5059036d5d3e5
SHA512

4eb95108f1b1c8949b4ef908922e534beb41cdcd02ace6fdca4b489900aeece3fd3ec8a5cf3d2eda96d2eba02cd6e045dcc96b2a651dbf194f88518fe885bfac
SSDEEP

1536:h3i6EBXlLOUp5/HNi/SrmWcb+sp9NLMXy3i6E:CLOUp5/HNi/Sy5Csp9NL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014b5acbee693a44596575c8846fbb16_JaffaCakes118

Files

014b5acbee693a44596575c8846fbb16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f076f3a1284e8382e0536dbe1729a28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord519
ord595
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord536
ord576
ord100
ord610
ord612
ord616
ord617

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kijtvcp
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE