32e93690198cc12b2f0904c280b560b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32e93690198cc12b2f0904c280b560b9_JaffaCakes118
Size

49KB
MD5

32e93690198cc12b2f0904c280b560b9
SHA1

f80244072af418b508d98cba280ca78576e09337
SHA256

24972b2e799ec38a1628111f5e475ee3d9237366d6f4c41aa6b13266aed7aa1a
SHA512

515f3a08d996fae716a63259a5bb684dbe581a4e966ed6b522bd7fdbc17cd7d4f6c7f69e0a4a6dcba70a20a90a7b90671bfa3b0ac85cf1d0a4d167f3461c9ede
SSDEEP

768:zNxJBVzWfrJHE+i86WDP+T8k3+zujxl+cuHBb9Gv3sYM27BX33333feY+j:PArQ9YIlpsY3p33333fsj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32e93690198cc12b2f0904c280b560b9_JaffaCakes118

Files

32e93690198cc12b2f0904c280b560b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcbf84ca814088e180b9592d4a241c32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LoadLibraryA
LockResource
ExitProcess

msvbvm60

ord696
ord698
MethCallEngine
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ