4de190f7d4b8a10259fa75df68a381e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4de190f7d4b8a10259fa75df68a381e5_JaffaCakes118
Size

144KB
MD5

4de190f7d4b8a10259fa75df68a381e5
SHA1

ac557edf5cd3678775cbea244ef7ce1364bd8283
SHA256

2cc81ec0914d0e1e713d77376c35dbeee392cc4e44d03e80037c256c554efb87
SHA512

91d0962e8a8a6f429a337739666bf1b684db43d244d8e3031711451d20dba21916bfec2b18f756fba50bfc4d96801cc5933f6493b5e122ada059530dae314a8a
SSDEEP

3072:VqSE7nvXgoAorI3ZVPqSERI0qSEaIgCutPGsnSqS:VqSSnvXgoAorI37PqSU7qSDlCutPGRqS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4de190f7d4b8a10259fa75df68a381e5_JaffaCakes118

Files

4de190f7d4b8a10259fa75df68a381e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f53acc9d2c0c94a9afcbc4371fadc33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord518
Zombie_GetTypeInfo
ord595
ord598
ord631
ord525
ord632
ord526
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
ord670
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ord319
ord537
ord645
ord648
ord576
ord685
ord100
ord320
ord321
ord619
ord650

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ