317cb5804f1057f6aa3b45dce6116837_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

317cb5804f1057f6aa3b45dce6116837_JaffaCakes118
Size

32KB
MD5

317cb5804f1057f6aa3b45dce6116837
SHA1

c0814b157730a98f4024edbbbe6cee200cdd4d13
SHA256

d21bcec48fdc146e4e991c113fe7faf42835a1af7d3a15925c114e5f7a05392d
SHA512

a6c47d06d5d5955cda4a2a86f003acfe49fc007a824dfe18b8ac2302c5457d146414f9c4ef2d6fad8bb6a820f67c0c01640ca45254b693556e69f70f7394986f
SSDEEP

384:KtlyTJa57OdJyCoPEeqNHJQ+WtHTjgZtwfKzaSd0kk+vpfPWO3Lsi7lvayjZ8ccy:KtgcYWtzsnwe2/+BHLsi5Cy/cgjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
317cb5804f1057f6aa3b45dce6116837_JaffaCakes118

Files

317cb5804f1057f6aa3b45dce6116837_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99cf7858591115e19ae5f72581a31399

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord665
ord632
ord526
ord529
DllFunctionCall
__vbaExceptHandler
ord711
ord712
ord608
ord716
ord717
ProcCallEngine
ord644
ord570
ord648
ord681
ord576
ord578
ord100
ord616
ord617
ord619
ord580

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE