28de7029a8102a9e6f39fc360ac4c739_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28de7029a8102a9e6f39fc360ac4c739_JaffaCakes118
Size

1.0MB
MD5

28de7029a8102a9e6f39fc360ac4c739
SHA1

e005f530c66014eef288eb4c424c580fe18718b6
SHA256

ac8b837c7d93c48d439fde6139a3be43449f8e4838cdcd0300456f03dc68a704
SHA512

ae8c21d3aba411259fca537dc0c391bfae02792159390eb93a49943bbc12da2c88a73a64d2d162cc8ec04e8f0db293e43ca004da95f16592b1346b4c946779cb
SSDEEP

12288:6H4yH4htD9rtD90PA228C8UixiDE8Px3Cic87:6YyYhZ9rZ9j228C8YG87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28de7029a8102a9e6f39fc360ac4c739_JaffaCakes118

Files

28de7029a8102a9e6f39fc360ac4c739_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1217084f3bcf90b5b4f857703fff18ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord588
ord696
MethCallEngine
ord516
ord628
ord592
ord595
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord713
ord717
ProcCallEngine
ord644
ord537
ord645
ord573
ord681
ord100
ord616
ord617
ord650
ord581

Sections

.text
Size: 900KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ