3bbae8881c0206c1964db7641126ece9_JaffaCakes118 | Triage

Sharing

General

Target

3bbae8881c0206c1964db7641126ece9_JaffaCakes118
Size

40KB
MD5

3bbae8881c0206c1964db7641126ece9
SHA1

bb07c526fcf95ab5086773c823cc13490dd02bf4
SHA256

8a73ca1eadb6612761d0d594d9c6555054c9e512e5f0dfba86e1c3fbc7d0a27c
SHA512

a82846b33f92e8fa46079f277f89c6a13dfe8b922e4c34ee8724e3b05d6d8083a7b6e153bcc786efbb88c18cd20051cbc6b89085b61b303a69056ee5564834e4
SSDEEP

768:rpFHSLog6Q58ew4LW5RgT1NroptMGqPlhqesUfipFHSL:rpFHSkC8ez6yT1JoptMGqPlhqevfipFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bbae8881c0206c1964db7641126ece9_JaffaCakes118

Files

3bbae8881c0206c1964db7641126ece9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

272569b050558c360c15d6da91a68e8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord620
ord660
ord593
ord594
ord595
ord598
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord716
ProcCallEngine
ord644
ord645
ord570
ord685
ord100
ord613
ord617
ord581

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ