5d9e3c4726032ba86363bf3d4f378144_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d9e3c4726032ba86363bf3d4f378144_JaffaCakes118
Size

127KB
MD5

5d9e3c4726032ba86363bf3d4f378144
SHA1

11f0a1e7bc83a4375c92e6b3e6ce0be64a326e6d
SHA256

bd2830ce10814170f182141319405e49c1ebc8bf0621940e411f4fa59172092d
SHA512

4f84de41665d845f6e1fa9988dc2e6f2221dba91fbaf508b080a2efb55a182dad2b9d23b526a84ffd6b730db8010a2cea264fa147c73abbf09713a0420e8f3f9
SSDEEP

1536:jTr1wAQb+oyB8y9Ty/Qf0qUYDII1mOr4Ni+4j5Spn0R0qyI05Qepe7mc:L1J9oIf0qUYMQmOr+iFM0mG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d9e3c4726032ba86363bf3d4f378144_JaffaCakes118

Files

5d9e3c4726032ba86363bf3d4f378144_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d9cf3e544ea4b8ac9f478569883417c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord519
ord553
ord660
ord598
ord632
ord525
ord526
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
ord563
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord608
ord717
ProcCallEngine
ord535
ord537
ord644
ord570
ord648
ord578
ord100
ord610
ord616
ord617
ord619
ord542
ord545
ord548
ord581

Sections

.data
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB