1c61f91f1450e35b6caf72c35dd241a2_JaffaCakes118 | Triage

Sharing

General

Target

1c61f91f1450e35b6caf72c35dd241a2_JaffaCakes118
Size

48KB
MD5

1c61f91f1450e35b6caf72c35dd241a2
SHA1

0c762e29f6119ef574772fa26e03dd506024fd59
SHA256

c744e97bf436e1b8d770d4a99a382adf88b349ab16ec7016f3937548314fbe3e
SHA512

f3ec8fc90ddaccace4518d09269fd731a7476c4ed49cb139fbd9bc5c9181d57977505ee1f175dae1c71050eea284630cc87978565d356b495ee24d751978c1ca
SSDEEP

768:r++5jknOFgbpKF9POi9hYY8o2jY1MT0cKRr57i/Fz:P5jkn2opKF9POiPYY881MGip

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c61f91f1450e35b6caf72c35dd241a2_JaffaCakes118

Files

1c61f91f1450e35b6caf72c35dd241a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4594a8d0be6c6c3acd4566cb03133795

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord608
ord717
ProcCallEngine
ord537
ord644
ord573
ord100
ord617
ord619
ord581

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ