36c5d27d970a25ac5437d8d84a6d98a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36c5d27d970a25ac5437d8d84a6d98a0_JaffaCakes118
Size

992KB
MD5

36c5d27d970a25ac5437d8d84a6d98a0
SHA1

f8a5c8d8f47dc7a1a76f38bd4d2aeb55cd34082c
SHA256

fe08d77b3795f32d5a73bfd25c78504179f5fba5609433e9da497ea53ffd719f
SHA512

b2c253111075e2b8503b78fd372b80457fadeaaedc50309fc54e074f1785f7ac79b3cca44d123a5493e217f74d6db7dfa3d2b7a63bc09f94c9b892e56d02fe22
SSDEEP

12288:1bXIECzqoM45pa+saICPKOs6+AluLHOn0MAmGxXHWfLg4KZnYutQFoKJXyCUa5xp:1kv/Xa+9ZipAoTfxuLgxlX+oKJXZUaG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36c5d27d970a25ac5437d8d84a6d98a0_JaffaCakes118

Files

36c5d27d970a25ac5437d8d84a6d98a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f301a86f04def8a819b30b2273d0ff00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord516
ord593
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ProcCallEngine
ord644
ord570
ord681
ord100

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ