2aba5c181028b57502d192103000638d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aba5c181028b57502d192103000638d_JaffaCakes118
Size

34KB
MD5

2aba5c181028b57502d192103000638d
SHA1

7cf291c8c48767b36f947b28f2e7a047105f0d93
SHA256

95db92f34e0cc07636767c6f503a5d4c9908449f479f4196d53fdf87358ca095
SHA512

0c4d0ceda7dd80a562d17a7427c31beefc81d6b8ff1c08376262210d44ec9f9e2eedaae3811839c4edcf621010f337cf3590d071b0643bafbdcea57308faff82
SSDEEP

384:MMCOrAaiG2lXOfzL9UdHk7jSG9tMeI8GJqked4ohLkeXqtD5s99V:MFEuWFUJkn1oeVrp4ohLZI5s99V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aba5c181028b57502d192103000638d_JaffaCakes118

Files

2aba5c181028b57502d192103000638d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a410292dbf34624942d6a5ec810727cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord621
ord516
ord595
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pppp
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ