43a376560c0f36faa8634551e3e659e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43a376560c0f36faa8634551e3e659e6_JaffaCakes118
Size

20KB
MD5

43a376560c0f36faa8634551e3e659e6
SHA1

9f1164b83e49ec40351bcf5dae90fb94b0cce87b
SHA256

98c48b2e33bd7b6db7cb52edfd195bdf66fd4f4363cf08f24bfc9fbad8a7949e
SHA512

03ab589365f67f9012a5a35382b374c1b5f35daa6aadec429947a5947b762a825e85428e91d6f79b1bd3669656f6195e371e22280aa628102d8797fe52d1fc0f
SSDEEP

192:KfHT+oEfFVub2YRLJ5ndzvZ0GvTCqLRlvJu3rUSCw9K+m0As:hGiY59rZ9veorQwMK+lAs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43a376560c0f36faa8634551e3e659e6_JaffaCakes118

Files

43a376560c0f36faa8634551e3e659e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd77d33a4e1cee55f2c124644881305

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord593
ord598
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord713
ord607
ord608
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ