26ff8cdfa3a384bd2274acafd130500c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26ff8cdfa3a384bd2274acafd130500c_JaffaCakes118
Size

116KB
MD5

26ff8cdfa3a384bd2274acafd130500c
SHA1

c4309718410c27516cbce433b6dfff90d6cbeba8
SHA256

2729e6a5f614b61653fc152ca59a033940addf60ec0d6f78eadbd58482d7f79f
SHA512

253300e504a3970dd3d16eacb6d99a3cf5cf9b66414b628a1d038a7b96f5a57ea41e36289208b0c5f771f62a523b618f59104ef332d949ab3b6a23791053bb34
SSDEEP

3072:jqEcsdMXe0d9lypF//XDfIS4CD3asgPJ7iZ0Hra4x5k:uEh2Xd+X7IS43sgR7iZ0Hl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ff8cdfa3a384bd2274acafd130500c_JaffaCakes118

Files

26ff8cdfa3a384bd2274acafd130500c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46364617aa31f7c3d9301498f9895a50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord660
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord531
ProcCallEngine
ord537
ord100
ord616
ord617
ord546

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ