2eca98bc4ff4cff2734f9f64e3e73212_JaffaCakes118 | Triage

Sharing

General

Target

2eca98bc4ff4cff2734f9f64e3e73212_JaffaCakes118
Size

303KB
MD5

2eca98bc4ff4cff2734f9f64e3e73212
SHA1

6a2139e38e82f960104863a2c6ffcabf67d6446f
SHA256

9422665f22dfa05e85032bbd552c3defbe92e968f508f83a5a056a4b7a322e5d
SHA512

efbe8e94b5b2fcaf16b9f22ee3ea2b5543c53caee45fd1b3b334f1b5cd96865ad3ff213266e6b1dd0474a6a3b1513dac24522ef23b4b5f3b84f01f20599e9ecf
SSDEEP

6144:AGyV8r8IFmNhc23rLD1cAA25JtURpwi03gI/qBisAq7:TE02bLD1cl25JtUu/qBiNy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eca98bc4ff4cff2734f9f64e3e73212_JaffaCakes118

Files

2eca98bc4ff4cff2734f9f64e3e73212_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17f4a94c57fb6c55a9c78c64641d6def

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord632
ord526
ord600
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord570
ord681
ord100

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ