35a691a5f6478d4f8cd430fc9aab810b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35a691a5f6478d4f8cd430fc9aab810b_JaffaCakes118
Size

269KB
MD5

35a691a5f6478d4f8cd430fc9aab810b
SHA1

982045b3fa863e872370c7e6eac8657290bd1b68
SHA256

9976eaefed4f200f44131ff95e63d4b6d0e2a10220810e833780d98ce3131bf7
SHA512

37395f31fbde8238c709d9eb69dc840a37c337afcf1b84c8e3b9e833056196dbfd838ff9237099df92ac407dd153117f380519e526f388c37327dc6edee5dfa8
SSDEEP

3072:1kYHZe1s7UooOAiAeARoadAbJUxnymSOHTbSwQY8WdE9nONsZ9tlGFi7dqbbc7lR:94V7nL2adqmpbSwQYpdE9nOYrGFigbcf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a691a5f6478d4f8cd430fc9aab810b_JaffaCakes118

Files

35a691a5f6478d4f8cd430fc9aab810b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb0e959b292927b475145c6c5ed9ef1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord593
ord594
ord598
ord632
DllFunctionCall
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord535
ord644
ord648
ord681
ord578
ord100
ord617
ord619

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE