3b15e7aea7e0c6733ba4bb6464933226_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b15e7aea7e0c6733ba4bb6464933226_JaffaCakes118
Size

10KB
MD5

3b15e7aea7e0c6733ba4bb6464933226
SHA1

57bfcabaf0f59c6fd11fcf6bd310619c6acf3c76
SHA256

374eeb020b137a7753ec97ae697f720dc861d84939cdbd021018aafc831b4ccd
SHA512

cbe09bfbccfa1c1666c06bca7a9867a7a609475346ac65a3744ce54e8f41ed18367bcd9dd555ecb5e2be53e743bd1557da640a32f51618234d4a2ff008f9aab2
SSDEEP

192:zxOePPtcJKBP14VYSbCJo7XfyLEn7Or1XcA5gvGB92Y3/XMJPs4:IavBiVfb+o7qwn7OZ/tTQPs4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/蘑菇虚拟磁盘 V1.0.exe

Files

3b15e7aea7e0c6733ba4bb6464933226_JaffaCakes118
.rar
新云软件.url
.url
蘑菇虚拟磁盘 V1.0.exe
.exe windows:4 windows x86 arch:x86

17fedf974ba7a8532af0fd504d6385a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ