19a9a3ec687d46e049da0dae64dc47ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19a9a3ec687d46e049da0dae64dc47ca_JaffaCakes118
Size

20KB
MD5

19a9a3ec687d46e049da0dae64dc47ca
SHA1

f4f4b8a735bea0814763a55d2ef3aef35618d795
SHA256

2d08995637ff201294c339ebc2d6e08c8d3a0729e5e1b1648f501551fcd98a18
SHA512

af57ab02a66653c6bcc5b1751c3ff352a8e16c8f60dd12c2aa1f6260fbb9fe11f78ec697277b325ca762fb246ca572429bc72203b30a125ed6cf478450b3d828
SSDEEP

192:YR4tfZd2noicM5k4aUkiDtO9H52ugO8M:LfZd2ncM5/a9ix6ZiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19a9a3ec687d46e049da0dae64dc47ca_JaffaCakes118

Files

19a9a3ec687d46e049da0dae64dc47ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0af114777b2ccd56f64897f190955b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord626
ord595
ord632
ord526
DllFunctionCall
ord670
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord570
ord100
ord616
ord617
ord581

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ