49445bdf4bf9ff97f37ea746d6309e14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49445bdf4bf9ff97f37ea746d6309e14_JaffaCakes118
Size

56KB
MD5

49445bdf4bf9ff97f37ea746d6309e14
SHA1

ceec9194967e31e63aa8bbb90dd474ff399bc8c9
SHA256

ac4b8485e66d4efe9e31a671e19eb31a5ca73d377d854513e26edd056b79696b
SHA512

68fe9332bab0e1aa32a1e7200db4394240b04fe512ee69a82cd816b846d9d2fa897096fbc302ffcd06e1bb0686d94e1ce44c6457fee903ec5de69d58edeb3499
SSDEEP

768:tYJcony3Mo2yxTnhgqdmnDlu7B2ZequOoD3XHp:tUjy8wnhgqwnDluFEequ7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49445bdf4bf9ff97f37ea746d6309e14_JaffaCakes118

Files

49445bdf4bf9ff97f37ea746d6309e14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

746f53d5a5d589d25d69e222b3efa6d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord516
ord628
ord631
DllFunctionCall
ord563
ord600
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord537
ord100

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ