29da4063cb7d6c78e18e8c84af8ddf39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29da4063cb7d6c78e18e8c84af8ddf39_JaffaCakes118
Size

256KB
MD5

29da4063cb7d6c78e18e8c84af8ddf39
SHA1

787a99484d4a015fb0a169e1b7ad603529dfb169
SHA256

914ec153e5e4bc541fdd53770e65f505ea994c58b6f09fdbf0cf4a4887cc1002
SHA512

2ab17e4f1c5e39cd4f390c32b9982258e1e7ff5007bc8ea8af03aa11fc50f5333a8b1379ca920dbce224bb734ec63f4d36fe7f2a3f690794579430efe6923dd8
SSDEEP

3072:wX4gtn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4K:wXA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29da4063cb7d6c78e18e8c84af8ddf39_JaffaCakes118

Files

29da4063cb7d6c78e18e8c84af8ddf39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95b51d5c506589102afe6c0dc15baa09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord626
ord628
ord666
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
ord562
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord572
ord100
ord617

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ