3772be87cf94a93ac3b7c0c7da3cd579_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3772be87cf94a93ac3b7c0c7da3cd579_JaffaCakes118
Size

128KB
MD5

3772be87cf94a93ac3b7c0c7da3cd579
SHA1

2824552359f4c154360610524b2cdd953f1e1916
SHA256

e6939fdb1dd3b291b749ef52e1b34c576a0d44f80274bc0b7b15350052a2d476
SHA512

d8ac197e42c4a6d529c843bdea262be63bc4d31b894500e5b20047b8f64c35edc68ada71f2a83d2709297c9522ac3bf6fe40a6182ce7239d2bd5daf51b68ed59
SSDEEP

1536:x+lYRtuuVf2Wc1BRzvkkJk77IZ+PBHT3B:xvrtKBFvkkJG7IZ+P5bB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3772be87cf94a93ac3b7c0c7da3cd579_JaffaCakes118

Files

3772be87cf94a93ac3b7c0c7da3cd579_JaffaCakes118
.exe windows:4 windows x86 arch:x86

761e39cd30a461ad81b0db277a541b70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
rtcAnsiValueBstr
rtcLowerCaseVar
rtcRandomNext
rtcRandomize
rtcMidCharBstr
rtcMidCharVar
rtcSpaceBstr
rtcSpaceVar
EVENT_SINK_AddRef
rtcUpperCaseVar
rtcKillFiles
rtcIsNumeric
DllFunctionCall
EVENT_SINK_Release
rtcArray
EVENT_SINK_QueryInterface
__vbaExceptHandler
rtcSplit
rtcReplace
rtcStrReverse
rtcStringVar
rtcVarBstrFromAnsi
rtcStrConvVar2
ProcCallEngine
rtcBstrFromAnsi
VarPtr
rtcFileLength
rtcFreeFile
rtcHexBstrFromVar
rtcHexVarFromVar
rtcImmediateIf
rtcFileLen
rtcErrObj
ThunRTMain
rtcLeftCharBstr
rtcRightCharVar
rtcR8ValFromBstr

Sections

pec1
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec3
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE