46c08d89117aca3a14f819b090edabb9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46c08d89117aca3a14f819b090edabb9_JaffaCakes118
Size

178KB
MD5

46c08d89117aca3a14f819b090edabb9
SHA1

ff3fceed1e87af8ceb9d2eb2595c05a1af4e72be
SHA256

1682fd40a8c865ed8f58428b75102f0d6ca40490a70da584ab5801b885ede87e
SHA512

9b8555ca200551e6b016727eb578e7d8aa17f6b9b8af88f6c3ea1553189557b6c2a47a1e33667eed87c75646d49650e0575559ccb3d2567ab9b1021953de0da3
SSDEEP

3072:1JeWWhneMdShK1HibDV3MGFpHgWwN9RiCqlWiCW+:W6FpAWyH+WiA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c08d89117aca3a14f819b090edabb9_JaffaCakes118

Files

46c08d89117aca3a14f819b090edabb9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d69c6479660f6fc7022a75a7d35f4ebe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaVarSub

Sections

.text
Size: 107KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE