Static task
static1
Behavioral task
behavioral1
Sample
279e51210c565c0e0792157b3ccfe70b_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
279e51210c565c0e0792157b3ccfe70b_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
279e51210c565c0e0792157b3ccfe70b_JaffaCakes118
Size
143KB
MD5
279e51210c565c0e0792157b3ccfe70b
SHA1
3f895f04a57d7c13f76ee031cdf0c2255f5fc970
SHA256
4904f501ef88ac535a492180f31b096a31b5fecd9f85f3f25f778669e7d4266a
SHA512
b1903bbb4e21af896bf219132e6155cc2c02c8492f6caf3c974f647fc0a144a36bc8f43285860ff503e06ee17d267652c15a43c92a46a8d7e8b80860628de4e7
SSDEEP
1536:/f2LLa0zlF4v488mWootWFv4VBPr4XFC8Tto6KclutFof223gVg0L3bEWhq34y:3EhzwTZocFAVBPr4XFC8ZJotI2uGZW4y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 279e51210c565c0e0792157b3ccfe70b_JaffaCakes118
Files
279e51210c565c0e0792157b3ccfe70b_JaffaCakes118.exe windows:4 windows x86 arch:x86
adfb148533cc03cbabf2fdee380b4694
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord694
MethCallEngine
EVENT_SINK_Invoke
ord516
ord666
Zombie_GetTypeInfo
ord592
ord595
ord598
ord631
ord525
ord632
EVENT_SINK_AddRef
ord561
DllFunctionCall
ord563
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord717
ord319
ProcCallEngine
ord535
ord644
ord537
ord685
ord100
ord320
ord321
ord616
ord617
ord581
Sections
.text Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ