08db11930fdca976e1bb92ae2f3e585c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08db11930fdca976e1bb92ae2f3e585c_JaffaCakes118
Size

72KB
MD5

08db11930fdca976e1bb92ae2f3e585c
SHA1

4f9c5ef8d8e600a3516bf63344ec82e4dbac3c41
SHA256

bc4b54befd763a5240df6fe1a2647c2ae03b17aec2ba4b13fc8371533983f6a9
SHA512

7991edea38a9a00f1995685db3ba607952049958a95e5685ac1b893fa1a4fca5a6cf35ce97ea939db84ac36e23302584241305da9195588e02e776bbbf8250de
SSDEEP

768:OWanXmUt1Bhys4JeMOEksEOPx+ydUoJaCmUBKiTpHefeTcE1dk2ZwgKTZBhJtLX6:RChEgMNgZMBrcEjFFKjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08db11930fdca976e1bb92ae2f3e585c_JaffaCakes118

Files

08db11930fdca976e1bb92ae2f3e585c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70a4dbc17fc7254f4de86d2f07b5d70b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord517
ord519
ord301
ord595
ord303
ord598
ord520
ord307
ord521
ord309
ord631
ord632
EVENT_SINK_AddRef
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord531
ProcCallEngine
ord535
ord537
ord645
ord648
ord578
ord685
ord100
ord616
ord617
ord618
ord619
ord581

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ