10090d736e98fe6955c9eff7e7c13a4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10090d736e98fe6955c9eff7e7c13a4b_JaffaCakes118
Size

28KB
MD5

10090d736e98fe6955c9eff7e7c13a4b
SHA1

b5ede6b6023fe36dc94c96f52352813d3636fa4f
SHA256

5a7afec0d72b9ca717a55e0915423e79c57911a90c4b394e116c929e1cb7332d
SHA512

cf7fcf336d85324a8474d985b4e19ca471cd835a3220fc25e41672f3409be769ad555ff87817ace737b3301bd347343f2e5dff6088317b7e950f9be66141b3cb
SSDEEP

384:smgC10PatGuSX8mjNbDArUSF5pf9QS+ImV:s5fa28mJgl9QShm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10090d736e98fe6955c9eff7e7c13a4b_JaffaCakes118

Files

10090d736e98fe6955c9eff7e7c13a4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9454bfeba1bf870e21550c688c13dca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord595
ord520
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord573
ord681
ord100
ord617
ord619
ord581

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ