45b7fa0227df7dc9db86603c24e51e19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45b7fa0227df7dc9db86603c24e51e19_JaffaCakes118
Size

256KB
MD5

45b7fa0227df7dc9db86603c24e51e19
SHA1

0432c21c318299d0995c28c6b12cd7b8793e0a37
SHA256

e2d30685b2e1ff85faad2be7185c73bc25bffa57d6856f533206460327e836e5
SHA512

88eea3f0d75dd6d559f3406baeb7b7a453811445fd0c053c83daf3cc71fe5958a3e861d55383393809fadd3f7902e9dda73d960b579f6a80763eb18ae38461fd
SSDEEP

3072:K5PDykjCBx2hypK7D6zdX3+P+kdMThHty9OZGU97BhBpk1/FbBJC/:HQUPpQbi/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b7fa0227df7dc9db86603c24e51e19_JaffaCakes118

Files

45b7fa0227df7dc9db86603c24e51e19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

200973fdddc320c64a7fa337c8b0aa6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

ord696
MethCallEngine
ord628
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
Zombie_AddRef
ord100
ord616

Sections

.
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE