3c5e5da3e08e5181f7208e1c567e2712_JaffaCakes118 | Triage

Sharing

General

Target

3c5e5da3e08e5181f7208e1c567e2712_JaffaCakes118
Size

545KB
MD5

3c5e5da3e08e5181f7208e1c567e2712
SHA1

507f7fb4e39aea42884aba54142123e6f44c9481
SHA256

d60f2d9b64fa3f6d8123d37fb855d5379c013c5f5fa66a30761837dae8c73dc2
SHA512

737c557b43dd80426f31e089e1034863a1d3fd6d98e8a931083594b0e0f94eec811c76e2ac4a2ded359eaa86f1b8d5c45ede2702997cd63f894fd6170fbd2eb5
SSDEEP

6144:YUG1GCwehM2h0jUUOr4O7xFJ9uIOhjiX4sF+1dZTc:wPhM1jsMkKj/dZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5e5da3e08e5181f7208e1c567e2712_JaffaCakes118

Files

3c5e5da3e08e5181f7208e1c567e2712_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29e2976b1fd97a1c57c8afd17b8c319a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaVarTstGt

Sections

pec1
Size: 141KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE