0a510b3f949e9589d9f8591f5690be1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a510b3f949e9589d9f8591f5690be1d_JaffaCakes118
Size

56KB
MD5

0a510b3f949e9589d9f8591f5690be1d
SHA1

85d8f25cd2e82647e81c9548040cc763538e5569
SHA256

f27b5aefbd58d5f7ef240c10b2efa888b43d4542225e377a3c76af6761475f7e
SHA512

2ab21426621f83d1a6580effebe96bea8841e4b726b88b47be5c9e7c409397d4eb6d654b3b91cb65ccaefc023d239aba54096414a6e6f8cbd32e5fe99737dd7b
SSDEEP

1536:KEixK7P8n+ECf0Tk2T23CeSZP+vC8WDn3vW98:KEixCPiXCcTk2T2yeSZP+vC8+n/W98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a510b3f949e9589d9f8591f5690be1d_JaffaCakes118

Files

0a510b3f949e9589d9f8591f5690be1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ccda76930a61d5a84c8b84ddeb92587

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord518
ord556
ord593
ord594
ord301
ord595
ord307
ord631
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord314
ord315
ord607
ord316
ord608
ord717
ord537
ord644
ord645
ord648
ord573
ord685
ord100
ord689
ord617
ord581

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ