5a801050754a913f4d8009d994ae2f2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a801050754a913f4d8009d994ae2f2d_JaffaCakes118
Size

252KB
MD5

5a801050754a913f4d8009d994ae2f2d
SHA1

625fbd3941c7f480211ab1e9a2a8fd45f74d72bc
SHA256

f0c15396e21ef7d79caf46faa425453097abf8e89326dcaace1682f4c29bdc89
SHA512

d5b7716cc604bb6c9ff03fc1e1f406f6a641f2e1af170320897bab756ce999f6ce9adb62bec4b0220e9913674c5f269fdf26b8ddc1745d6aa0d60032357c4ba0
SSDEEP

6144:FSnHuMborPtNHuMborPt6HuMborPtOT1+MborPtCL:P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a801050754a913f4d8009d994ae2f2d_JaffaCakes118

Files

5a801050754a913f4d8009d994ae2f2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81df2af7db1e314ea037fb2bca3375bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord595
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord608
ProcCallEngine
ord644
ord645
ord573
ord100
ord617
ord650

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ