2eed894a54186148a51632cb78a10404_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eed894a54186148a51632cb78a10404_JaffaCakes118
Size

68KB
MD5

2eed894a54186148a51632cb78a10404
SHA1

e98e513f43e45c9bdc9efe5099f4f3c644682c7b
SHA256

78dc62432e2a9482f1ed5641a1bec99b251f20c84124f7f21b836631d9c5db91
SHA512

b3fa7a83a7d6684496357b895b3eac68c9997f2ca59559f87eb84dcd743e6ba960d7e66f187f4d354372e7d0e2a92fc1ff7a9588310a050c94ab4a6ccb77c776
SSDEEP

768:aKS1UJP2P8EdPeQ/F25zjQDr9KS1UJP2P8EdPeQ/F25H:3S02UMo5zjuIS02UMo5H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eed894a54186148a51632cb78a10404_JaffaCakes118

Files

2eed894a54186148a51632cb78a10404_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0a9710c7c8288db147b8e3abe09e9bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord598
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord576
ord100

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ