24bab7dc8258246159b03d6ddcc1694a_JaffaCakes118 | Triage

Sharing

General

Target

24bab7dc8258246159b03d6ddcc1694a_JaffaCakes118
Size

170KB
MD5

24bab7dc8258246159b03d6ddcc1694a
SHA1

54080496da736d98ddc41d52d80b3327760fae5b
SHA256

ec5f5fbdc2ab99e7eb4f83e31dc6bfc8e7a637fff0b3a141c383193c72e11172
SHA512

2aef2a9b08b7d377f66f3785c461c5a29f64279804beda7dcc39e3d02e16bd92a6f6c0952625dd619168a4794d5dab2edd5ff77bb997f0e1a7f941d348c95899
SSDEEP

3072:/7QV53L2qq0Z8k93xF26rBSPoV+gRh8BqelFW6++0vvOTYsSNwR9q5s:uLHq0Z8k92iBSPoV+gRh8celb++0vvOf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24bab7dc8258246159b03d6ddcc1694a_JaffaCakes118

Files

24bab7dc8258246159b03d6ddcc1694a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

395e86241dd6cf52eb0fc5cebd901eb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord518
ord666
ord667
ord669
ord598
ord632
ord526
ord529
DllFunctionCall
ord563
ord600
ord601
__vbaExceptHandler
ord712
ord608
ord716
ord717
ProcCallEngine
ord644
ord570
ord648
ord576
ord100
ord616
ord617
ord619

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ