48c1db22a56582c48566d19de6691f54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48c1db22a56582c48566d19de6691f54_JaffaCakes118
Size

16KB
MD5

48c1db22a56582c48566d19de6691f54
SHA1

24bce8739aef51c4565d6d7da649164034537e0a
SHA256

5ca93f14cd27d9049732bb7df30587823ed7f2956ba66207001c8a9813634c2a
SHA512

74e51809d4167b675e8d9f9468df6c3ec80595a326b09519f7099ca07a42bb4f15c119728d7c0a03016ca8285d01a2d5268f15b046d767b4c32774c05a942cf8
SSDEEP

192:1tI+P6EZBsUuhj+3jsgyG+NcUnwwiyxTpmuO9s:o4tsi3wgytnwwiym9s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c1db22a56582c48566d19de6691f54_JaffaCakes118

Files

48c1db22a56582c48566d19de6691f54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e39d037acde6b096f84bdccfceac0cd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord595
ord631
ord526
DllFunctionCall
ord601
__vbaExceptHandler
ord711
ord606
ord717
ProcCallEngine
ord644
ord537
ord578
ord100

Sections

.
Size: 72KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ