33f2014d0465465abd2db2fddeb39a43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33f2014d0465465abd2db2fddeb39a43_JaffaCakes118
Size

443KB
MD5

33f2014d0465465abd2db2fddeb39a43
SHA1

8b7998e7cb417a1932efafa8f3ad736d4ec84128
SHA256

a7b1a77d2c837054794b98a77bafc9fef4cdfc0df86d67818d23bbdc8655a8a7
SHA512

00129d881128770c3ca9ab7913ed1493dcb9dfa87734811cd60c6469f5642255e398499b0a0539b6e4352a1ba0939a296435d4a384c056b27044afb60702887b
SSDEEP

12288:tWOWxzutwAUQdXqQzeAxZx71KzpTZ2esTnAs:oxzGwGMQqiZxQlN2Tcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33f2014d0465465abd2db2fddeb39a43_JaffaCakes118

Files

33f2014d0465465abd2db2fddeb39a43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8269746f9ebb9c906782a0e23b5dbc9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ