3a5d955f80a08e65a138d95f5961dd45_JaffaCakes118 | Triage

Sharing

General

Target

3a5d955f80a08e65a138d95f5961dd45_JaffaCakes118
Size

20KB
MD5

3a5d955f80a08e65a138d95f5961dd45
SHA1

b959e8581e8b0f1a9af2953722e14fbf75b6b9c1
SHA256

b1b9e06bf2a4e0c972758702f10f86fd45f0316edeeadfb933666617abd0fb81
SHA512

fb892ffb584b4f9cf7755cf1218cc9ef0f73d5ac0420714be06c75be0c9e94a038d1d1efe7d8ed5bfbe4447c3777d65336b2864078f663fdbe841028ec9ed962
SSDEEP

96:kPsM6+ZYeP4+kX5xZYyQ9iySpuYgU97GSswh6oZXcPF2vnM24XIw5m800EXg9H5B:KCrpxZJlyLYgU97GAuy4fmIEXgdxWX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a5d955f80a08e65a138d95f5961dd45_JaffaCakes118

Files

3a5d955f80a08e65a138d95f5961dd45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

940e84b6d301e1c76c1a41057f8c7629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord716
ProcCallEngine
ord535
ord100
ord610
ord612
ord613
ord616
ord581

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ