339256d2665699d0d2faa3c768a68a9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

339256d2665699d0d2faa3c768a68a9c_JaffaCakes118
Size

52KB
MD5

339256d2665699d0d2faa3c768a68a9c
SHA1

e7a31f0ac9a11017213a60ef4924a81c433b3041
SHA256

dab584178108440e1fb3bb53f2930ead37ff9ad7f49b8747b9c2751df632ec8c
SHA512

1f9ac05415fd996a41903f7e1da3460cca6007b59659c436f63e68af0dbdfe3ea95fe52a67d669e81c0889f6e8f1d6a5781d042085f22e9ff14ae8e87b896f54
SSDEEP

768:9ezqumVjTVF5ufvLFxYRFppwpk+MGh1aDsbDaz9kAI1W:o3YkbOz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
339256d2665699d0d2faa3c768a68a9c_JaffaCakes118

Files

339256d2665699d0d2faa3c768a68a9c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4b48c957a7c10aaae356f060efbf878e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
ord690
ord691
MethCallEngine
EVENT_SINK_Invoke
ord516
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord593
ord594
ord631
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord319
ProcCallEngine
ord644
ord537
ord572
EVENT_SINK2_AddRef
ord685
ord101
ord102
ord103
ord689
ord104
ord105
ord320
ord321
ord616
ord546

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ