Sample
49ac75603ef0bce4c7b4d5944ac15309_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target: 49ac75603ef0bce4c7b4d5944ac15309_JaffaCakes118
Size: 460KB
MD5: 49ac75603ef0bce4c7b4d5944ac15309
SHA1: 5c308fb8ce41797dc02302ba3378fbdc456e3b75
SHA256: 1f2bfb5fc30b16dac680d4c0a33cb8a0f2b4ec83c6e5ed26b2d81f5d582b271d
SHA512: 12f1b5be9f9a5307fc0b528c621bae1814235bef51c014d22bb89be7250450f7e825fe12d5c2a0d37c093b913447c140b6b15f405244588a900328907f54c44b
SSDEEP: 6144:hsqwL5Iet6vMUufTZJ7AOu23uepgvxuWTL5BXtschpqUZRFwFvPO7WfE8xQoDea:f3ETTAOV3uYs5BXzvwVO7+4aY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 49ac75603ef0bce4c7b4d5944ac15309_JaffaCakes118
Files
49ac75603ef0bce4c7b4d5944ac15309_JaffaCakes118.exe windows:4 windows x86 arch:x86
2e414c5f0d04abe230f8ae0e1b1f78a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord583
ord584
ord585
ord587
MethCallEngine
ord516
ord666
ord593
ord595
ord598
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord717
ProcCallEngine
ord644
ord575
ord100
ord617
ord581
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 368KB - Virtual size: 367KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ