18c589ac2f29fdc64c09b3b01dd37530_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18c589ac2f29fdc64c09b3b01dd37530_JaffaCakes118
Size

16KB
MD5

18c589ac2f29fdc64c09b3b01dd37530
SHA1

dc0182d6a10020a34ceaf71116e07c6e2a84323d
SHA256

870d44b75aefe914dfe2a22e020b34c26a7634c30afaa3860adac2ffb9e77f5a
SHA512

b658796dfd422f9e0112397019ebca764534ead3f17d4b4418c77ed050c7dabed524858e78f25bca7c59f6595e2dc9b3797a6acd365b8110e8f5dda4626d8d32
SSDEEP

192:X81k4RG0giPGMGaTL3t8iJndRhqI2Io4:X81k+hGM5n3XJ5vU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c589ac2f29fdc64c09b3b01dd37530_JaffaCakes118

Files

18c589ac2f29fdc64c09b3b01dd37530_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a7ad8acac51aad13d0b521eae881eda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord632
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100
ord617
ord619

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ