28dfd4b60b7cc040fd791793df00d033_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28dfd4b60b7cc040fd791793df00d033_JaffaCakes118
Size

70KB
MD5

28dfd4b60b7cc040fd791793df00d033
SHA1

6de2eaa1106fbb66b8415beb23490a2795596e87
SHA256

6a2f91554ceb7014290951283930dcba8f5721123dfbc1da08c6657db193f7a6
SHA512

0fa9d1499749bc4c2cac91669cd4d8a45642d68398fa6c3aaf78ba4c8d6b381d0da9a964e2fe6d074ec4dd052fc56d16fe5f6eea462f6a1d29e45fbe337a7984
SSDEEP

1536:K/sPrUAJc4P+FxDmRjY9fmAunjpF8JnvpJ:gst/2Fl1fmAujpuvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28dfd4b60b7cc040fd791793df00d033_JaffaCakes118

Files

28dfd4b60b7cc040fd791793df00d033_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6ba9728a19e0a4f63ed836b5831981e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord595
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ