27d56f256051c41d6485bbf073cfa6ef_JaffaCakes118 | Triage

Sharing

General

Target

27d56f256051c41d6485bbf073cfa6ef_JaffaCakes118
Size

938KB
MD5

27d56f256051c41d6485bbf073cfa6ef
SHA1

38ee071e5c595687bdc902defe1ad54bb783567f
SHA256

f1fcfcccf090d8c6cfb3316ff23363e4d0b4bba5f66f790ada4a6b6f858cb374
SHA512

5aecc50caaba1b0a1c4757ac4d01c98674bec7633b9f72cfb79b84feb139b968fbb7b0f3e85793b1d670c520930cd711da3bcb2fee94e39e3920b7e17c303629
SSDEEP

24576:FfST4oFvgutFvaPz715l1yfsrSlCZCxZ61z36UIebtMPSNYzefiRkBIMX+GlYzEZ:F2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d56f256051c41d6485bbf073cfa6ef_JaffaCakes118

Files

27d56f256051c41d6485bbf073cfa6ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d772a0098b8942a8cdf1e224840f6485

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord588
MethCallEngine
ord516
ord518
ord519
ord595
ord598
ord631
ord525
EVENT_SINK_AddRef
DllFunctionCall
ord670
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord713
ord716
ProcCallEngine
ord537
ord645
ord647
ord681
ord685
ord100
ord616
ord617
ord618
ord652
ord581

Sections

.text
Size: 928KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cas
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE