2634820564749c3dd29a7d3351a3a3b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2634820564749c3dd29a7d3351a3a3b7_JaffaCakes118
Size

152KB
MD5

2634820564749c3dd29a7d3351a3a3b7
SHA1

953cf281d50ac001dcd9c4ef350e02b66231e310
SHA256

d0ecf214f66cbde5c16f14bb3be29b07d26549e26d801b205ef324c9bd6106a6
SHA512

121836a3c9f1b42522444323880d46ac259aece4a38dad9b68efe5afcb98938451e6bd76839030e326bac30044a6b96093d692ea2de9cf93ebb407656a60eb7d
SSDEEP

768:ZhQLIK8wMiLJRh59p865JdLPgQrEcdSNEWZpKqupvQspraeDxdC5HwV7j3y1Cgkk:208RZ865JlPRUqrO5Igkb4OQ91by6srG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2634820564749c3dd29a7d3351a3a3b7_JaffaCakes118

Files

2634820564749c3dd29a7d3351a3a3b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c83d9291036687b62b8ae1aa85bdc856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord681
ord100

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ