0f629bffdf93a57a00574bb54a02f0e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f629bffdf93a57a00574bb54a02f0e7_JaffaCakes118
Size

40KB
MD5

0f629bffdf93a57a00574bb54a02f0e7
SHA1

559d4d9d9fd5ea1eb4fba0157d0991f101899ed6
SHA256

7b5751866c515e5c7a6b411e250406beea1be26b7d085b2fb7ff216f778664bd
SHA512

625c08c1dd322ba27e08560facd3599382816f54dff3617823c26ac361ec437fec3fff5163e337629228a4344de0e9076c1f737fdc49eff969745df89967f1ee
SSDEEP

384:xpA/h/6rSb21Ghnv5BsB3wJ3eKHWAFacRBuHa79arpNiIoTaueKdAcsqCfUvFjPa:YJQ0n0z1Aqa79KpNiPTaHJjLeC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f629bffdf93a57a00574bb54a02f0e7_JaffaCakes118

Files

0f629bffdf93a57a00574bb54a02f0e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

886b99329338971a4c061059e26a4b49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord669
ord301
ord303
ord305
ord307
ord309
ord524
ord709
ord631
EVENT_SINK_AddRef
ord527
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord601
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord313
ord712
ord608
ord717
ProcCallEngine
ord645
ord100
ord689
ord616
ord617
ord618
ord619
ord581

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ