16c8a61f274ff819eb9998724ac3614b_JaffaCakes118 | Triage

Sharing

General

Target

16c8a61f274ff819eb9998724ac3614b_JaffaCakes118
Size

66KB
MD5

16c8a61f274ff819eb9998724ac3614b
SHA1

a4605671b21326ae087891919e199db419fb2cb6
SHA256

af86f03647aebc6957fc7e8676d858ad1ffea3a188f09a19c44ef0c2fdc3988c
SHA512

2078938a754d0bef43bc55d1c33f8d585cded36080e153af16d7dbb37d4de7922294a0640ef832d6b7312d606e0621c7420ba1eac60f19dfb7318278ee39fdae
SSDEEP

1536:5RXBbVCMKxfuumkn/ha2+W0SSEgx7igxLEV7WstfnHw:5RlVCMUvmS/vdg0MYV7WstfnHw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c8a61f274ff819eb9998724ac3614b_JaffaCakes118

Files

16c8a61f274ff819eb9998724ac3614b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e908bbe4fd3a11ee0a56594f01f59428

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
EVENT_SINK_AddRef
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord717
ProcCallEngine
ord570
ord100
ord616

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ