26a3576534ec38c5f265bf39854d97c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26a3576534ec38c5f265bf39854d97c1_JaffaCakes118
Size

92KB
MD5

26a3576534ec38c5f265bf39854d97c1
SHA1

6b172a7143ab86d2cdb0d3faf1c61cd3ac26b125
SHA256

f5eccf00de390f2b1fcd6275ce33b0b6b91e55bf0d9a1aabebe40f1e4b519c6a
SHA512

03bf49f42622300f6239155dae35fd75a2a8902344bf6cf605b67325cba5a260d9f451ce51567fb3aca4747f913759ed3c5c3d70382ad879fc1ca900e94e8bcb
SSDEEP

1536:VlkUpedfU8lGX32pBL6xJNk7UD4BYvmtm9t3SJLe3drqJkBD:V0dcCy32DANNDP9MJi3drq4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26a3576534ec38c5f265bf39854d97c1_JaffaCakes118

Files

26a3576534ec38c5f265bf39854d97c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a4a548b0f3832a6ab65b58add1867a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord517
ord518
ord519
ord300
ord595
ord598
ord306
ord520
ord631
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord716
ProcCallEngine
ord645
ord570
ord571
ord576
ord100
ord619

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ