17f47c1e966b22f53a7d65655c38bd96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17f47c1e966b22f53a7d65655c38bd96_JaffaCakes118
Size

908KB
MD5

17f47c1e966b22f53a7d65655c38bd96
SHA1

1d19f24aaed92b30e7b81a627a61626bbc337dd5
SHA256

c89dee31c0bfbe510a581aad9a1da2fab6e436da93b3c385284cf0ff6d563028
SHA512

4828bae8da9e04e0eba98a67af90badbbede8e233202484eb264a88371e06c799ea827800b853b8d17354fe0f3f7259368cb1e398f6f6f8d8d5e403845265c0b
SSDEEP

6144:Dnvb7ORUQxcBKTxd5udhiNoGset53wzrM3sYpc/uvLFbF81/gORUQxcBKTxd5udl:zORUwsG9wZ0c/uk/gORU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17f47c1e966b22f53a7d65655c38bd96_JaffaCakes118

Files

17f47c1e966b22f53a7d65655c38bd96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddffa84509a88734a00040363908f302

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord626
ord628
ord665
ord666
ord300
ord595
ord303
ord599
ord306
ord309
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord562
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ProcCallEngine
ord644
ord645
ord572
ord573
ord100
ord617
ord650

Sections

.text
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ