Static task: static1
Behavioral task: behavioral1
Sample: 2c39277958c7a64902b50d37893c4684_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2c39277958c7a64902b50d37893c4684_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2c39277958c7a64902b50d37893c4684_JaffaCakes118
Size: 237KB
MD5: 2c39277958c7a64902b50d37893c4684
SHA1: 575ca900ac3cd2f4f35f1852236b3f225e0b42e1
SHA256: cd593eac665682d53e3adde07781f7fc50540bce694eeac6bce479dab0df4ed0
SHA512: 4257c69cb45e56985c41ef56d18bc61db2401135c5507a3b2a5c58a13ca5b91eb353db5b3d66892e209aaff9bf0f6a92be8b75a341e082a17342b45b8bbd8da8
SSDEEP: 3072:CdWJ13ZadNBi3VjbYd8MUhYYYVYhYYYO7cdmuGeEIWT5bgqpX9mAhH:CM1hJ9MUsdu5R+A
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2c39277958c7a64902b50d37893c4684_JaffaCakes118
Files
2c39277958c7a64902b50d37893c4684_JaffaCakes118.exe windows:4 windows x86 arch:x86
54837fd18cf90a3ad2c423d0e158a596
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord665
ord595
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord717
ProcCallEngine
ord644
ord537
ord648
ord570
ord578
ord100
ord616
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bkekdmm Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE