27fb25a3b1cc8fcbadf5642c14dda20e_JaffaCakes118 | Triage

Sharing

General

Target

27fb25a3b1cc8fcbadf5642c14dda20e_JaffaCakes118
Size

327KB
MD5

27fb25a3b1cc8fcbadf5642c14dda20e
SHA1

6625f5ae4b0f5b37cd672eb00c1811509a86487c
SHA256

a8b61f7b4be3ebe58679a78bd59cd9ee20d4944ee49cbe02d664fe52305b74c2
SHA512

d9bcf6cb2a7df6370f9426f77bf8e84d5745ec041f29c5e9d4cd463c1c2506038e200f0459430f7f7ac1798bdad86400e6c4465d27b848066c8eab6d8531ba12
SSDEEP

6144:7Y+oDS/33W6lN6mn4pqVAAed504v46wstZbbHn8VZSvEQ5w2fNjIxWuEK:7RoDSv3J0mn3aAd6VZPHwZS95wGVuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27fb25a3b1cc8fcbadf5642c14dda20e_JaffaCakes118

Files

27fb25a3b1cc8fcbadf5642c14dda20e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

119bf74dee34bb6724164cf859da5417

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord665
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord537
ord570
ord100

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ