297dd550d87d2a3fc8b515619edc2e14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

297dd550d87d2a3fc8b515619edc2e14_JaffaCakes118
Size

600KB
MD5

297dd550d87d2a3fc8b515619edc2e14
SHA1

ccf022ab46124e5e79ae2476be0a4651a365db26
SHA256

c74bdd0b42f9e3627ef0835de1d35b555f41f74d9f6572cf00105e5146761c71
SHA512

31461778da20bd74cc165da9ebbc7db295bdd3deb423f06fc3b7aac39f2c56a6bdefddfd9461203d0e8062768e280fe32db0a8bb8fd6ccf626f874295abe4766
SSDEEP

12288:syRpjUgrlX6OLIIBrRnhcvLtSjGKhI7dFq:vZUgrlX6OLIUrR6vhSjGKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297dd550d87d2a3fc8b515619edc2e14_JaffaCakes118

Files

297dd550d87d2a3fc8b515619edc2e14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

917b19e9dd59f45bb46a08e401b7f094

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord572
ord100
ord581

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ