2cf98d44e242526256a603ef89d77607_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cf98d44e242526256a603ef89d77607_JaffaCakes118
Size

68KB
MD5

2cf98d44e242526256a603ef89d77607
SHA1

4cf8852d224642a7abd03988f2967645d966cb12
SHA256

c1e7dfd157a48c6f0e20bb44eac70e3a476b8463f673744add8e4e51f6ae8718
SHA512

840f81bdc0f7459f0daf8a28c935527f3fa2a8623ad655e21142959d85c752cf780a70a672c7a2599e14565d86756bbf15c55a487a1ce54ca278f50298d70e9a
SSDEEP

768:d37WBtY0Qnghzx2EutsGhYWtXa0sklCf+fLylyG3qXEoWTb4cQHtqE:tCBt/XzV0syC/yG3iEoWTb4cQHcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf98d44e242526256a603ef89d77607_JaffaCakes118

Files

2cf98d44e242526256a603ef89d77607_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bef296f716e8717004d6f5681d2a4ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord518
ord666
ord595
ord631
ord632
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord537
ord100
ord616
ord581

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ