147604565ab8666006c85e024143cb7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

147604565ab8666006c85e024143cb7f_JaffaCakes118
Size

612KB
MD5

147604565ab8666006c85e024143cb7f
SHA1

b4131da311266ddf5001adb151c80e2e40486f2a
SHA256

5a9ef93d6dbdad585b249cc4920967d332b69f156a4584a701cee87e4c5548a9
SHA512

38119836502ee9b33be2364df258a91c1fcab2c4243f1704d476c68e4b31a59b4366d59c5f3b7b296abf8ef2d74a785c82fbacb248baf73b4dac1e3fe7c3c1b5
SSDEEP

12288:9w7Dzw7Dzw7Dzw7Dzw7Dzw7Dzw7Dzw7Dzw7D:9izizizizizizizizi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
147604565ab8666006c85e024143cb7f_JaffaCakes118

Files

147604565ab8666006c85e024143cb7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c19a3450218aa0d1ad3e34eee4687464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord518
ord626
ord666
ord593
ord594
ord598
ord520
ord709
ord632
ord525
ord526
EVENT_SINK_AddRef
ord529
ord560
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord716
ord717
ProcCallEngine
ord537
ord645
ord571
ord573
ord100
ord613
ord616
ord617

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ