Static task
static1
Behavioral task
behavioral1
Sample
2edaf7863c72fe6ba4f9b4a5d20dd906_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2edaf7863c72fe6ba4f9b4a5d20dd906_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 2edaf7863c72fe6ba4f9b4a5d20dd906_JaffaCakes118
Size: 228KB
MD5: 2edaf7863c72fe6ba4f9b4a5d20dd906
SHA1: 97e6c041b96e3e601bf1f2f004940b22649ee924
SHA256: b20d461722dc66365e6ed3fc997435c64a4c891642752b5c3da4f48a0703e2ed
SHA512: 6c1cc417d6c1a9a468bd59c0de2b40314cbe6a7040808fbb1e630810ed511a2a2843cce9f788298f8e88b3e724eed6227578e456c48d65812b5f0466ec919c57
SSDEEP: 3072:+8R/TnvxupFZVnciUF9qTX5utq56o6ueXWg+PbjbuBrZLzR80euHMsgP+y4one+g:+89Ts2k5ImnbKFiPX4oeEc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2edaf7863c72fe6ba4f9b4a5d20dd906_JaffaCakes118
Files
2edaf7863c72fe6ba4f9b4a5d20dd906_JaffaCakes118.exe windows:4 windows x86 arch:x86
970511e6580f501d43ca6562b9f6f1f9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
msvbvm60
ord696
ord517
ord518
ord519
ord666
ord667
ord593
ord594
ord595
ord709
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord531
ord716
ord717
ProcCallEngine
ord644
ord576
ord685
ord100
ord616
ord617
ord618
ord580
Sections
.text Size: 100KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
. Size: 95KB - Virtual size: 96KB