254ed0bad03c96b062ca2d278761fb48_JaffaCakes118 | Triage

Sharing

General

Target

254ed0bad03c96b062ca2d278761fb48_JaffaCakes118
Size

72KB
MD5

254ed0bad03c96b062ca2d278761fb48
SHA1

be2e7d798b2d3d4d457682cb20a761e965822f8e
SHA256

df3ec327d8f0526686a096032134039d4945bd892931ceab10e8ed8abcd81897
SHA512

35f3eb178947176d1f5f495b0b60d8ed752255604d73ce1637ae0aadf7671e764cc882f13b4743d3225307477fa96899e225628b7cbb872b9c4b96ee1cdca0ce
SSDEEP

768:Ge/s1qp51bcgBH5T9Zztj7CzrWB7oW/s1qvBsNtFcgPVwmYfItGjrZEU8xJ9nTA4:m0mg5Tf9u87QFHPVwmK3nj8X2dW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
254ed0bad03c96b062ca2d278761fb48_JaffaCakes118

Files

254ed0bad03c96b062ca2d278761fb48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e15aeaa62876d3ee74070193fd3def0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord598
ord631
ord525
DllFunctionCall
ord600
__vbaExceptHandler
ord711
ProcCallEngine
ord645
ord570
ord648
ord100
ord616
ord618

Sections

.tEXt
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dATa
Size: - Virtual size: 748B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rSRc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ