5e2b227c0679f28e649bd839051944b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e2b227c0679f28e649bd839051944b8_JaffaCakes118
Size

732KB
MD5

5e2b227c0679f28e649bd839051944b8
SHA1

38906c53ca013a5c23a571400ea11129d93ca64d
SHA256

c847433ed6d849e7c7caecf6986b6845feebd4688c063e4fd6dfd4b9629267d9
SHA512

a4cee26e23913696a1bad3f8e051e185291543ad8c22774bb3d4eb0162241b26ab7b4ea96b05fce9527e96c0f7a6c43492589e7622b6c10f521954df66ceebd8
SSDEEP

12288:/POc47pq4Fpp12FGrdu/v212FTc769kGA:/WcCpq4Fpuoro/xZK6WGA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2b227c0679f28e649bd839051944b8_JaffaCakes118

Files

5e2b227c0679f28e649bd839051944b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db0afc669ccb336fe3276ada2228f451

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord631
ord525
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord716
ord717
ProcCallEngine
ord644
ord537
ord100
ord616

Sections

Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE