267190b480fca0951027298c9d0eb390_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

267190b480fca0951027298c9d0eb390_JaffaCakes118
Size

52KB
MD5

267190b480fca0951027298c9d0eb390
SHA1

d3108a1c86df5832728d241a83385bc000e99601
SHA256

90d353b40cfec371362988fbed4c6d52b556e3080b1c9ede829a08f68d67facb
SHA512

5015681cc3bda1b7e708cd8e5640acd01a580053020c983d5e0a59983facf771545f08c8127f17d83c19aec847723943e19bcedc492af1a3625d4caf76c02548
SSDEEP

768:bRSQIdG4qoWubm5ok+fIPdelbraefVfbW4ntjuF5vYhmG38:AQFoLmy1IPdetJhC4ntm5vN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267190b480fca0951027298c9d0eb390_JaffaCakes118

Files

267190b480fca0951027298c9d0eb390_JaffaCakes118
.exe windows:4 windows x86 arch:x86

946735fe418c10516f6e929f3982c919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord626
ord632
DllFunctionCall
ord670
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord100
ord616
ord617
ord581

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ