5a03cd1374f76fbde468d4f70262d37e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a03cd1374f76fbde468d4f70262d37e_JaffaCakes118
Size

368KB
MD5

5a03cd1374f76fbde468d4f70262d37e
SHA1

6f0284a1bd68dfa756a80f203cf7cc159424dff8
SHA256

c75951ba9add10746784de79f1f596c39636efa92e517fecc5e57fd9ebfbc7ca
SHA512

6cc59e672cfa5606f576bdae450b78e4c5f8308b4efb6026cfcf3e561e8d920e255ce552f0e53e4841100a8f4c1654ba13f2a523ebe42cb243765c22738e6adc
SSDEEP

3072:ZM+tn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4Ex:VN00i/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a03cd1374f76fbde468d4f70262d37e_JaffaCakes118

Files

5a03cd1374f76fbde468d4f70262d37e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ca9aafd0b24ad8480339c3967265ef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord626
ord628
ord595
ord520
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord608
ProcCallEngine
ord644
ord572
ord100

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE