481010810b0396189f1cc69ba6686c7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

481010810b0396189f1cc69ba6686c7c_JaffaCakes118
Size

20KB
MD5

481010810b0396189f1cc69ba6686c7c
SHA1

8b17359f6cd230583ddfc432a24ac31c5dbc87c1
SHA256

71d6e93358bc608ca73ae3e603c0867ae8fde3afe5a948b15eb683133e3dc69a
SHA512

11c60f492147308611e07ff540d2c4e12b085382cd8d00a954182805ab3d9e3f061c12112d70bfdfc34a67a39c12f3178845ba237193c5191a90563f2fc2585e
SSDEEP

192:CBW2+gTWvGfG3CYwJygPfgCMiTwlbMAN8LMAsT93YOUdc0XFX:SW4xfICWggAUyMAsT93YOUC0XFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
481010810b0396189f1cc69ba6686c7c_JaffaCakes118

Files

481010810b0396189f1cc69ba6686c7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1187cf66ca7ab6c400a300f74464c9c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord693
MethCallEngine
ord516
ord709
ord525
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord714
ord717
ProcCallEngine
ord644
ord100
ord689
ord610
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ