5bf9b95ec3911ba53b7dab44c0ed5a54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bf9b95ec3911ba53b7dab44c0ed5a54_JaffaCakes118
Size

20KB
MD5

5bf9b95ec3911ba53b7dab44c0ed5a54
SHA1

f62dbe66ee045673bf5e01a8dab0a846a4d1e956
SHA256

c9fd99cec1f4eb77613c1e4e7e38109379d066a2fbf56a9c2ecd701b1e766f46
SHA512

f1e15497fa89632571203877bc62f177f7cda8c5c02a741e4bd08a1247cea3cafc6b57cb80635df87d0e4ba3004235cdb9d1da6a3b45dc1b1c4d96196f0ee829
SSDEEP

192:twHpweU+EpRCbBQ57y7Ktd4733NVaOMA+aSo4nbEbGUjykAb:KiTAb2VJqRVavQ4QljykAb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bf9b95ec3911ba53b7dab44c0ed5a54_JaffaCakes118

Files

5bf9b95ec3911ba53b7dab44c0ed5a54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fcdd05d93731bc25722e901ce4ee33c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord696
MethCallEngine
ord631
ord709
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord100
ord689
ord610
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ