0c53c13daec10489a3f58791797c40bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c53c13daec10489a3f58791797c40bb_JaffaCakes118
Size

26KB
MD5

0c53c13daec10489a3f58791797c40bb
SHA1

bd20e81a48a10a2a06cb6740a7853d82810f13e2
SHA256

028a1d746313f73cbdd8ae05906b6cba1b19adcbea83f044b4b704738d51404b
SHA512

d12fc729679d89cc5735e8e3a6cddc8837fd99e8c40251e662faade195337bd72c8ddeaf989123b4feb3ee5f44651118b1b296ac181a47e1f75b852264862e84
SSDEEP

384:YUJN5B0Ca5KZACjtU71a9GWxGwAxVr6+Y9PffPzP9:YeNb0cDiWxG7x4bPrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c53c13daec10489a3f58791797c40bb_JaffaCakes118

Files

0c53c13daec10489a3f58791797c40bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79e9864a67e13ab9cabc4291cb06d156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord631
ord526
DllFunctionCall
__vbaExceptHandler
ord717
ProcCallEngine
ord537
ord644
ord578
ord100
ord616
ord581

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wdl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE