37e2bd9c658bee8bbba0e84d6e9074e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37e2bd9c658bee8bbba0e84d6e9074e0_JaffaCakes118
Size

248KB
MD5

37e2bd9c658bee8bbba0e84d6e9074e0
SHA1

27f55f25c856790616b5734b5e25ba0a13ab0adb
SHA256

0af4328d165fd56347c54e62fd8fb11b6cb08ec9df70f76a421067eb64d6e629
SHA512

45f5d30035e02682ee8dd5c9e6020a64a4fad598643565b590198e326f5029c5080dbebed7c90b70b4420376d59e0eb9a2cb481fa99919a49dcb85ea9a0b020b
SSDEEP

6144:CQddIplDvzu0c8ttdDZ5RTInwviiyYMxiO5MHUKF:zddWXuv8xDZ5RMnqsxB5SUKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e2bd9c658bee8bbba0e84d6e9074e0_JaffaCakes118

Files

37e2bd9c658bee8bbba0e84d6e9074e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a1d176e473709da754ff8848259302e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

kernel32

GetProcAddress
LoadLibraryA

msvbvm60

ord631
DllFunctionCall
__vbaExceptHandler
ord608
ProcCallEngine
ord537
ord644
ord100

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.upu
Size: 4KB - Virtual size: 4KB