4a7cc02ecb51b37967d8bc9bb1f25cfa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a7cc02ecb51b37967d8bc9bb1f25cfa_JaffaCakes118
Size

2.8MB
MD5

4a7cc02ecb51b37967d8bc9bb1f25cfa
SHA1

9a2883e41858de753dadb9a0fd014936d1af6088
SHA256

f82e3046f3568af600eb6145212df55507511e16466940affea0716b50361cd6
SHA512

bce0019d10c3844c7abe8298a721753da417f5e133794836c5f31ac0a56c3cf5cf12ed3416f58efe604f80046e507cdd588311a4db1f9712a1f8038127da2e5a
SSDEEP

12288:w5kMDwsoOSii+LVBiXnqWxBygZiMC8C3IJke2XN/DHchoE:HsOii+JbW3ygsskPpDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a7cc02ecb51b37967d8bc9bb1f25cfa_JaffaCakes118

Files

4a7cc02ecb51b37967d8bc9bb1f25cfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6439ccb892f285ee92ab885871e1dbe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
ord665
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord537
ord100
ord581

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ