1c62aab0cac64e04b8fbb97a9ba6aafc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c62aab0cac64e04b8fbb97a9ba6aafc_JaffaCakes118
Size

60KB
MD5

1c62aab0cac64e04b8fbb97a9ba6aafc
SHA1

c0fe2f1295e9e43de2020f2053c1370d066a8338
SHA256

16cdb421ce452dc09eeaf4c945c986f30c21c0344041ec9e2102ba8249b40901
SHA512

e6b10346c47106b29ce4cd1465a6ad9be0af50de4ab9857d87c953b82e48d93de99b643e73364374100e85416568e4dc20d7ad633f4c5c6ca546b8999a2130e2
SSDEEP

768:ocpzmvD4RWpK7EyLZM+K78fN8geDxVhQxXbanMVzq/L6gsZS3t5cpzmvD4RWI:rg0SKwyLu748g2IxXbanMVz8L6gKg0b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c62aab0cac64e04b8fbb97a9ba6aafc_JaffaCakes118

Files

1c62aab0cac64e04b8fbb97a9ba6aafc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58faa43a4ab44871048d9c3cbd4853fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

msvbvm60

EVENT_SINK_GetIDsOfNames
ord588
MethCallEngine
EVENT_SINK_Invoke
ord518
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord595
ord598
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord670
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord319
ord537
ord645
EVENT_SINK2_AddRef
ord576
ord685
ord100
ord320
ord321
ord616
ord619

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ