4d967bbdddebd2d13412f8f3472e04d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d967bbdddebd2d13412f8f3472e04d4_JaffaCakes118
Size

276KB
MD5

4d967bbdddebd2d13412f8f3472e04d4
SHA1

91241e0b44474fa6ddbb51a05cb75d5741cdcde3
SHA256

b392348ec495a6208606bef71dba07e3ecd00b7ab0f5915002840067bdb5cb07
SHA512

0c78e53946eba128f76f2bf7ab490c76b10eec6cd0a1d6a0e411188e8652115bf40a3b36f9977e2c85e1cd2048b99f2f646f88e127e53179e98d0530cbca4ecc
SSDEEP

3072:UIdcFLEdskgrt05bnwhVh6PTP032TAOmWaJETw8v+:xWjZ0xCVh6qOlMEPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d967bbdddebd2d13412f8f3472e04d4_JaffaCakes118

Files

4d967bbdddebd2d13412f8f3472e04d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc39d6bcccc6aed12cc7b3f6f5003c3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord100
ord617
ord581

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE