3964e545a2df4cb8a08d1691113f7256_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3964e545a2df4cb8a08d1691113f7256_JaffaCakes118
Size

507KB
MD5

3964e545a2df4cb8a08d1691113f7256
SHA1

cd579e47d32cd3b70fdc4a7dbe48aed67bb3ede6
SHA256

70546a49f873569d93d9ba848d3b54a7c6bbe7cfc0876aec46c049c05b83a2b0
SHA512

2b58febd84030714d5463c0a3b310f7513f95665f5cfacd2b89f7ab3479c544b1c67198ae074f501eb2dde2a6abfef4478f5e03e5fd4042b8ddc1342da2a9adf
SSDEEP

6144:rhPBarKpkt7WiO7KlxEiaNXcBJ/nzpzSC3Wbx2i+y66ffYMIzb0L:1Pwrjt787d+zB3WbQsfY90

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3964e545a2df4cb8a08d1691113f7256_JaffaCakes118

Files

3964e545a2df4cb8a08d1691113f7256_JaffaCakes118
.exe windows:4 windows x86 arch:x86

375c7402f8748b0ff0440c4212cdf8d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaVarSub

Sections

pec1
Size: 22KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.T�
Size: 232KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oojzfbb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE