3471e4d837ec8078549a4a6591ec202c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3471e4d837ec8078549a4a6591ec202c_JaffaCakes118
Size

108KB
MD5

3471e4d837ec8078549a4a6591ec202c
SHA1

8e3f1026e6caec6ea95d72488400825952f713dc
SHA256

9fa56097b1d2264a5bf58db678c6376cc5c433a48220c1386511fcc6d5acfb49
SHA512

6de3b3b8114930d4ba1ffd52bb239feb1fb9f4d33201ecb137bef948b45ae4aade73a1b84ba61bf4f83dadde96000a9f219e49c91483fd72364e94eaae042013
SSDEEP

1536:CdXPxKraZE/LoVw9xIE/M93F4PhkaLTGyc4p9LMkLxgbryyqYkEyDp6PfGzD:Cdp9KqbrH+EyDpLD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3471e4d837ec8078549a4a6591ec202c_JaffaCakes118

Files

3471e4d837ec8078549a4a6591ec202c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4307873a0f95744b01db967d46f4dece

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord595
ord598
ord631
ord525
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord606
ord608
ProcCallEngine
ord644
ord572
ord100
ord616
ord581

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ