5ce6a43beb213c7cdf40702e1def7330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ce6a43beb213c7cdf40702e1def7330_JaffaCakes118
Size

276KB
MD5

5ce6a43beb213c7cdf40702e1def7330
SHA1

7a0d6796761bb90473d3fa358e11b90ae3e4e09e
SHA256

bed86dfeaaac9f2daa1ed37e313ac18e316714da3ed24165bcb25ca69eaa6927
SHA512

f8f80faca4bcae4eb76c7c9a969e952a5f82a3f21dd84818b2424ac5aa9212c6212c9ef60175211b38601071ecd4fcc5f47277354e7101076431dcbe07784c1d
SSDEEP

6144:e26ZgBLw8gBFPNtdcIM5PiSDSxn5SJf0aH+y6WtSznshe2:7w8gB//cdx5SB5SJf0aHEWt0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce6a43beb213c7cdf40702e1def7330_JaffaCakes118

Files

5ce6a43beb213c7cdf40702e1def7330_JaffaCakes118
.exe windows:4 windows x86 arch:x86

931df82713a57d0b6428dfe64aa7a43b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord187
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord537
ord644
ord578
ord100
ord431
ord617

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ