06df1fcdc798be4cec9aa1d55ad0a63d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06df1fcdc798be4cec9aa1d55ad0a63d_JaffaCakes118
Size

54KB
MD5

06df1fcdc798be4cec9aa1d55ad0a63d
SHA1

712bf0135281b6386bde209253c81b800e753538
SHA256

56a0c75023f0e420f7e86d212dfac9e673e738890ffdb4ed0bf68adf1863985a
SHA512

63d082707a94d769a1efe1cbdb4e6a2163a874b7591b9989c99d4ddfa936a6395a5a285b2e57ccf94e690cc4f339fc665633d557e655e2e350bcbea3415d9ce8
SSDEEP

1536:3kuB3LbdDypLIZSy9f9C67E4hrOYphyVtQ6uUiyySH2:3kUGI9PONQL8ySW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sucesso_beyonceMPG.com

Files

06df1fcdc798be4cec9aa1d55ad0a63d_JaffaCakes118
.zip
sucesso_beyonceMPG.com
.exe windows:4 windows x86 arch:x86

d8a41e8c9a81d04ec24d53eeda94a55c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord595
ord631
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord531
ProcCallEngine
ord537
ord645
ord572
ord576
ord100

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ