45068466f28ed416eec984209b099822_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45068466f28ed416eec984209b099822_JaffaCakes118
Size

28KB
MD5

45068466f28ed416eec984209b099822
SHA1

b95ea179e96ed40493f8684c32b2cc6598383d22
SHA256

5a35ab605f62f211757e53d7ebcb79b7990a236b2a9ab24013916bdceccad371
SHA512

53bbc39ce8b668712186a14ac01340636cd167dda01c0e08839cad363c7bc41799c2ed91753bfb5f214a0e0e4f14a2ddbd2114396c3f5f852d3741d5dd5117bf
SSDEEP

384:Op3AVScfwJM4xkbgMo4Fxt2GUkPjnqaKaYtife8LfMK2:/VScoGbkMTFxMk5KnAef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45068466f28ed416eec984209b099822_JaffaCakes118

Files

45068466f28ed416eec984209b099822_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85a1ad016e44397e40b0d298a17cff76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvb

MethCallEngine
ord631
ord709
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord717
ProcCallEngine
ord645
ord570
ord648
ord681
ord100
ord579
ord616
ord618
ord619
ord580

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ