5d704668e46eb55ab206af0effcb9b3e_JaffaCakes118 | Triage

Sharing

General

Target

5d704668e46eb55ab206af0effcb9b3e_JaffaCakes118
Size

17KB
MD5

5d704668e46eb55ab206af0effcb9b3e
SHA1

2d80c6c65b45c2ea4c651b4a0bcc01f888a3d7a2
SHA256

6707a39281952b89317bd0ea7e8123536cdd85f403b3a08d8a52c1051888ddff
SHA512

1e6c5fc02ba8ea124aa81e3004aeedd35b90b2a43fbc15fa8a6ab21dd964e996e424b78cb44a6fe82cece8e06816ee6dd8822f3d64d2908303416153370f7a78
SSDEEP

384:w41Y8CJhJSpTKZ5n4lgZyGaWgd2cOHQ5:5NyoGn4lgMHzOw5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d704668e46eb55ab206af0effcb9b3e_JaffaCakes118

Files

5d704668e46eb55ab206af0effcb9b3e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

51fa7e429c0b992a1d40139999db7011

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

MethCallEngine
ord625
ord593
ord594
ord598
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord531
ord532
ord535
ord645
ord576
ord101
ord102
ord103
ord104
ord105
ord616

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ