5f05c9b0835451ced65856854cc9b924_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f05c9b0835451ced65856854cc9b924_JaffaCakes118
Size

248KB
MD5

5f05c9b0835451ced65856854cc9b924
SHA1

2377a1ceb3534f2cc1166af7fe6bf57550de4fc5
SHA256

52aadadc790e226ca84092231e7a179b7f37b6eb8935230946fa9873663afb5e
SHA512

cd03740716faedef01cbd83ee899ac4aa6e0411a5dfe19ca48579e814c76eca051ce54648143f872ed91a8ce9a35f698b3bc92f762d470e78b2073bfd46c3183
SSDEEP

6144:l2gAJ43Wo/2vs7SwihWq03P+YEPshhhxG1wQSFyPVQfJoHt8gIvSd0rFMmJ4AUTO:7/2zUiTjXPcJGwhJ1ubOR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f05c9b0835451ced65856854cc9b924_JaffaCakes118

Files

5f05c9b0835451ced65856854cc9b924_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07f8b4dffaba07e4ec701555805684d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord537
ord100

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ