364b97a568fd156cd413c653435bdcb5_JaffaCakes118 | Triage

Sharing

General

Target

364b97a568fd156cd413c653435bdcb5_JaffaCakes118
Size

16KB
MD5

364b97a568fd156cd413c653435bdcb5
SHA1

e3191b546e165e4c871c76ddf2ebb76e7c9f9a35
SHA256

c8eaf28d7e902b8d4901897e759bbe0989f82ef49c76cd40b2f4eccb79b5fefe
SHA512

de7d3f5afa3375e39c82cbd67ce1f3ea083be638638e4a1a5729b05b304d9f96f580ae2fe0d2ad1923e2333736e665f2447b9a07325f2be75efd926cda880be6
SSDEEP

96:hees5AMdhzdg26a/imoZoiqRa1gmw4za2ZxUEMqu2:41JfiV1gmwGxUEMH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
364b97a568fd156cd413c653435bdcb5_JaffaCakes118

Files

364b97a568fd156cd413c653435bdcb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f8b7d6eb406f51f87c2461a190bf603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord599
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord645
ord100
ord616

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ