48e23d1840cf9447adfadb5eb8b040c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48e23d1840cf9447adfadb5eb8b040c9_JaffaCakes118
Size

18KB
MD5

48e23d1840cf9447adfadb5eb8b040c9
SHA1

3ecc84aab904898c05c31b79d65bb637cc4fb052
SHA256

e03ce6d4d7a15588a3782a1e3533631e8c5524fe38ad7f99417757cad3ec765d
SHA512

454fc549870ed506a52445f758848b4f4e4d1a134286bed1f9af303b93d4837af9d88956cbca92bbc7814aad4f2c5ae2e34bba28b95b31c79d2626339c721a03
SSDEEP

192:zJnvyVt5yECewaEqPUP38MkccOjn+5aWkTFjOUpYK4GYPjOUpYIe:QR7J5iXpnK7XpPe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48e23d1840cf9447adfadb5eb8b040c9_JaffaCakes118

Files

48e23d1840cf9447adfadb5eb8b040c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ee459202d13685d56cc5faff4639e09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.
Size: 15KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ