23fdaa38ddf2be2b90a201b3f3ecca7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23fdaa38ddf2be2b90a201b3f3ecca7d_JaffaCakes118
Size

245KB
MD5

23fdaa38ddf2be2b90a201b3f3ecca7d
SHA1

e356fa15b8c315288323a6b6c8264203d0ae949c
SHA256

b499a6e8d993e2625c84c020a0f0d8effd9532f0a20b07b89ca6bbf48636b4bc
SHA512

61c93277c9301b7304fb632307ff219b0910e6235775945d4216fb5076b6afe8914ad5eb02b5931b6b7b62f7cd7ebf2e5864b3f9a68a1bb8b489fd6277c615ed
SSDEEP

3072:pQtn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4E4Z:p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23fdaa38ddf2be2b90a201b3f3ecca7d_JaffaCakes118

Files

23fdaa38ddf2be2b90a201b3f3ecca7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8225c8d42a4e31268b0f9ec9a5f544b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord516
ord628
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 241KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ