3c991076652d0e17e38c35e39cf2f21c_JaffaCakes118 | Triage

Sharing

General

Target

3c991076652d0e17e38c35e39cf2f21c_JaffaCakes118
Size

20KB
MD5

3c991076652d0e17e38c35e39cf2f21c
SHA1

14873f28dda4f3222b4056e355d468a777821c90
SHA256

20e961b72ba99735d11161389660d276bc34edc85eea5dfe4b9b673751b73c31
SHA512

1144d99412b5ce2c6ef467cb7c92f0aee604aa72bf3ae1c09a108ba08dbe21fc0608e7cfd3b28a71bd8eee3b82ffa5d573b9981304b9b6ee81250d14bbeda1e9
SSDEEP

192:AKn+RJ4Hc2Z9YClpI6oVTgghiJQipRspMs1TjTnt49:AKKn2ZDlpI6Q4QipRATj5e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c991076652d0e17e38c35e39cf2f21c_JaffaCakes118

Files

3c991076652d0e17e38c35e39cf2f21c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44ab183d91047dfdb205bec54260599d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord709
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord100
ord689
ord610
ord617

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ