278e6fcf8788ea3ae04e0ff518ccc0f0_JaffaCakes118 | Triage

Sharing

General

Target

278e6fcf8788ea3ae04e0ff518ccc0f0_JaffaCakes118
Size

24KB
MD5

278e6fcf8788ea3ae04e0ff518ccc0f0
SHA1

584da96fa46ccffa74caf20103eba6c7616fbfeb
SHA256

db511a5092184eb27e02f13a02f046ee08ed12700563e7b23ab7cd7c85e0953b
SHA512

08f47ef60cf8d705f00441c5b17b402e161a28ff673199c7fad0be9a1705c02612652f496207757892dfd565a64e1e5ebd9ed9a5285c3a3b2aad791a2ab7f40d
SSDEEP

192:QLGzbPw4u06AOvJV/Ie1sUOGG4CZyhDVtzuJF5fqYqWwUVHK+aM/LGzbPw4u06:QLb0eV/x+Hyf2F5fqY2UgM/Lb0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
278e6fcf8788ea3ae04e0ff518ccc0f0_JaffaCakes118

Files

278e6fcf8788ea3ae04e0ff518ccc0f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27c9c786e6bf3ac74f4bd35f216a25b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ord644
ord570
ord100
ord616

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ