1c9192450272981c4b0fdd78ef412424_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c9192450272981c4b0fdd78ef412424_JaffaCakes118
Size

28KB
MD5

1c9192450272981c4b0fdd78ef412424
SHA1

8c3be00788f6d9a91dd5032cf5c0308a5d68ad58
SHA256

3e887130dc9a06a79b955a0b5bc79ecc8926eb7090059c095687fb13e64eb87f
SHA512

ba65cc266bffcb3ae2cda75c37287797e2c7365cbb799f165aa42c6b7551d11b88aa985893fdb6ada545a4dbd559b54c06f2339826095cce69a082ad07c45aed
SSDEEP

384:2n3I1EvZL4XQ8feOungqER7DnlaDLbQ6:E3G4ZL4XQ8fingqwlaDo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c9192450272981c4b0fdd78ef412424_JaffaCakes118

Files

1c9192450272981c4b0fdd78ef412424_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80d8cef188316d10e645ecc1725fd708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord519
ord595
ord598
ord631
ord709
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord681
ord100
ord689
ord610
ord617

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ