1ad32ebfe3322cd9c59732171a6000d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ad32ebfe3322cd9c59732171a6000d4_JaffaCakes118
Size

353KB
MD5

1ad32ebfe3322cd9c59732171a6000d4
SHA1

ff84dc7126e60e3824988f0d7221e4d6ded86158
SHA256

0cd669db573e6ce883c548561fe0bc6f8b91e6a73c2df13b34173d801e04dae7
SHA512

736e2838599025c07363471e1e7cc22c5b99a70482e419caea3eed263cfdc5d57e973a7def0c55c0bf7468c61eb305c6a7b6ceb0a6f2286148c2e83fa34477f2
SSDEEP

3072:oXZxRGkHQGKWCbCUcO66uO5n0VZlgmGo9cs+QtxqgP+gtXdU0FTOq5:756dO5YZans/zqkF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ad32ebfe3322cd9c59732171a6000d4_JaffaCakes118

Files

1ad32ebfe3322cd9c59732171a6000d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d01808d7ee44a15dbefbc58f370b3276

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord626
ord666
ord595
ord520
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord537
ord100
ord617

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ