3106872b105d4c800269b57f4ae774f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3106872b105d4c800269b57f4ae774f0_JaffaCakes118
Size

664KB
MD5

3106872b105d4c800269b57f4ae774f0
SHA1

f9053ab51acd9eaf57455d804acee1bf683d6d60
SHA256

59b56759935a96f06f75ab60b3bec5ee854ffaa3d67b4f9963c80196a101a5b7
SHA512

3f554dc6d50c088a258afd8aa6d201c12fa11eb5014d64d1a14764eb56e18721ea0c514239ea9fa5e6b5f377033e205f910a50b3299bc5625d11b16ac0a09305
SSDEEP

3072:rH029VzWlgdHC6aC6gDCFB+4ufXY9V1uuEBmggSeeL84Gezv7F36LvFBWFCfsiSZ:RVCe61B8v6CuS+qtLQ5BPsKm4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3106872b105d4c800269b57f4ae774f0_JaffaCakes118

Files

3106872b105d4c800269b57f4ae774f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9048f2e4a3492dc3ab1a4a91e73eac66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord628
ord667
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord534
ProcCallEngine
ord644
ord100

Sections

.text
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ