Static task: static1
Behavioral task: behavioral1
Sample: 36c6fa36b5164cbbb3f7b7a476f7f550_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 36c6fa36b5164cbbb3f7b7a476f7f550_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 36c6fa36b5164cbbb3f7b7a476f7f550_JaffaCakes118
Size: 232KB
MD5: 36c6fa36b5164cbbb3f7b7a476f7f550
SHA1: ebe3ba9ad1e62fb010e55ed3a316d135fc5b76d9
SHA256: d2ce0193e35934917319a8d4b31f2d322b974250d3defd13591e2ed730d2c072
SHA512: b427b5aa4f4cabc6b07fc88d7409f957d15acaa5027fcf7a32fd20c2538f865702b320b58593c48820455ef1812db5fa312acc796cbd4d4c578e5328c353b408
SSDEEP: 3072:lMpPS2gwtr+w6aKmKM3BNtvd6qNp8tr5tWW2hftJELTZxxKHhSFK2FUq:lyt3LZwmpGW/tKLc8oe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36c6fa36b5164cbbb3f7b7a476f7f550_JaffaCakes118
Files
36c6fa36b5164cbbb3f7b7a476f7f550_JaffaCakes118.exe windows:4 windows x86 arch:x86
3df6f2e35bcc65f52966e1ad4c003025
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
winmm
mciSendStringA
user32
LoadIconA
msvbvm60
ord696
ord697
ord698
MethCallEngine
ord517
ord519
ord666
ord667
ord593
ord300
ord594
ord301
ord595
ord303
ord599
ord306
ord307
ord309
ord709
ord631
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord531
ord716
ord717
ProcCallEngine
ord644
ord537
ord576
ord685
ord100
ord616
ord617
ord618
ord580
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_MEM_READ