3953c80fb1e987b641d21317e3f8d810_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3953c80fb1e987b641d21317e3f8d810_JaffaCakes118
Size

176KB
MD5

3953c80fb1e987b641d21317e3f8d810
SHA1

6b1bbe73d5e9f70d5900700de67f2c1d182a8fc0
SHA256

fcb72bc37b1bfd0de3b432d1f09e809b437c07538df317804f1099cef903f4c1
SHA512

134933b0fe3b4a395481da9ed971207967e60c966ebf3f0fa0b70d5e3a1f39d26311ec7dbc4b51eb5ad597a617d4dcec6e68252e9d4227c0b5f175f343a250cc
SSDEEP

3072:r92BHmS7+go0ftTf4ftwb1CL13G8Qul03Gkvk3zqDH0+vb6kDx4tSLQnOCE:reGSe05f4fwCpG8A233zqDHwW4tS8O/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3953c80fb1e987b641d21317e3f8d810_JaffaCakes118

Files

3953c80fb1e987b641d21317e3f8d810_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65f4d2958571a80d78566530d2650a35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord519
ord667
ord593
ord594
ord595
ord631
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ProcCallEngine
ord537
ord570
ord685
ord100
ord616
ord617
ord618

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ