4dde93adbed4f4d14c3b1ba177a9d1e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4dde93adbed4f4d14c3b1ba177a9d1e3_JaffaCakes118
Size

128KB
MD5

4dde93adbed4f4d14c3b1ba177a9d1e3
SHA1

0bb8f622734048f5102189851058c37c67302245
SHA256

b367d30c044123f7397ec42aaeab774f17524ee196f0133412c0f793a7ce425f
SHA512

85582644e36e38b87ce0c673b086ba258334564b476963bf8c33e77a5883d0c565494e3aeb63d5aec57f648785f1d320590c6aa1f3d32a0e3029f58a40d802be
SSDEEP

1536:e+lYRtuuVf2Wc1BRzvkkJk77IZ+PBHT3qw:evrtKBFvkkJG7IZ+P5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dde93adbed4f4d14c3b1ba177a9d1e3_JaffaCakes118

Files

4dde93adbed4f4d14c3b1ba177a9d1e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

761e39cd30a461ad81b0db277a541b70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
rtcAnsiValueBstr
rtcLowerCaseVar
rtcRandomNext
rtcRandomize
rtcMidCharBstr
rtcMidCharVar
rtcSpaceBstr
rtcSpaceVar
EVENT_SINK_AddRef
rtcUpperCaseVar
rtcKillFiles
rtcIsNumeric
DllFunctionCall
EVENT_SINK_Release
rtcArray
EVENT_SINK_QueryInterface
__vbaExceptHandler
rtcSplit
rtcReplace
rtcStrReverse
rtcStringVar
rtcVarBstrFromAnsi
rtcStrConvVar2
ProcCallEngine
rtcBstrFromAnsi
VarPtr
rtcFileLength
rtcFreeFile
rtcHexBstrFromVar
rtcHexVarFromVar
rtcImmediateIf
rtcFileLen
rtcErrObj
ThunRTMain
rtcLeftCharBstr
rtcRightCharVar
rtcR8ValFromBstr

Sections

pec1
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec3
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE