28c7fc97cd42ebfbb72f9d9ca4be226a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28c7fc97cd42ebfbb72f9d9ca4be226a_JaffaCakes118
Size

33KB
MD5

28c7fc97cd42ebfbb72f9d9ca4be226a
SHA1

cf316a8af5542d4960c62d85d752d697295699f9
SHA256

5afee62f31ef516fa821f3f81c9ab8473cf8c4bcac56618914ba3cf7a199499e
SHA512

2bb6a7bb9d4dad7c0cfd5a3b0e8f84b1543bf40988a98c02e6fa1ef141a54b2cdb962b2ced83b24f628159f5369bdaa648f2a7ba9bfea8e52ef2fa02272371d8
SSDEEP

768:N5WINBGdDjGzz7k2KR3mU5yAP7o/b8lWGUwmu:N5LuDSzsZ3ZVnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28c7fc97cd42ebfbb72f9d9ca4be226a_JaffaCakes118

Files

28c7fc97cd42ebfbb72f9d9ca4be226a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

165b9e90d34c82476d0755857012b239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord593
ord595
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord537
ord644
ord570
ord685
ord100
ord616
ord581

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mmmm
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ