34985c41ede0e568cc2b95fa6d4499d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34985c41ede0e568cc2b95fa6d4499d3_JaffaCakes118
Size

448KB
MD5

34985c41ede0e568cc2b95fa6d4499d3
SHA1

dbc3d119d58bbd88aacfaf83151276f80a889efe
SHA256

d243c3cea985e60c793041b4a3f7f6f79121e9bbb3e8d8b912417c4961fb2cac
SHA512

ddab507199c9d854dd20f00c255cdc0e2d392732fa6bf16e5dec5b761c0e5d3308c32a06dd71af5388f801677522a2707c608376813c4f4776dc1e98729bf425
SSDEEP

12288:PHVUFx2J27OKNYKeXZErfjzSCVBcfkd06m2Er:PHVIdqjKRHuCVBcL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34985c41ede0e568cc2b95fa6d4499d3_JaffaCakes118

Files

34985c41ede0e568cc2b95fa6d4499d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9117326ae9a472c270c15b795431047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord100

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ