3002697baaf3aa0cbca6025e48031f1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3002697baaf3aa0cbca6025e48031f1e_JaffaCakes118
Size

56KB
MD5

3002697baaf3aa0cbca6025e48031f1e
SHA1

f732c19f839a089e8652b827de0a23d5f6cd6b70
SHA256

47ca97cf15cc9853f7ce9296a75e797a53aba62d5df0a64913d784a022ce24c0
SHA512

e4532d685297d462e886607c2aecfb6aa661f3a70c34b50fc5eb72cdf4c691c365cc5c8dc27930683e08b7f8a0ed93b70f845fadb12f4acbf644326a5617c2dd
SSDEEP

384:DEMB8cY+XzgMXn0ElQ4lvUQpBi4V7AYcFaXqJDUHNFrLi9xGuC1nlGpnj2ZVsNot:98vu9jhUQpBi4DcF1OnlUj2ZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3002697baaf3aa0cbca6025e48031f1e_JaffaCakes118

Files

3002697baaf3aa0cbca6025e48031f1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cdd05e58f586fc8246a00630c3825ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord519
ord667
ord592
ord595
ord520
ord523
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord607
ord608
ProcCallEngine
ord537
ord645
ord570
ord648
ord573
ord685
ord100
ord579
ord616
ord617

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ