Static task: static1
Behavioral task: behavioral1
Sample: 5f379bf0d4b4b4ea7a194c3321f91215_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5f379bf0d4b4b4ea7a194c3321f91215_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5f379bf0d4b4b4ea7a194c3321f91215_JaffaCakes118
Size: 28KB
MD5: 5f379bf0d4b4b4ea7a194c3321f91215
SHA1: db80eb5208c8fcee740aba6a59d8235cec128097
SHA256: ed9701e8b3058f89c808eff13f80b06e284435f59417fa26a6d8ad19976f98cd
SHA512: e6ff620d4ecb25bfb7196f077c9c3053e03dc4ffb055dec9c3f7c32ea62128aed5515f069ea7e9139e9064658dc1ca10e81a0458f6363c3bdfd29d97c8222206
SSDEEP: 384:AopD6pr3eZarR3CoTPs6ZoSbzqfy043T+CTFuOJ1ygP:AoReprlFs67bc4KCxF9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5f379bf0d4b4b4ea7a194c3321f91215_JaffaCakes118
Files
5f379bf0d4b4b4ea7a194c3321f91215_JaffaCakes118.exe windows:4 windows x86 arch:x86
efafdd5a9d2266d8b9b4e4c7afd3140d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm50
MethCallEngine
ord518
ord519
ord595
ord598
ord631
ord632
ord525
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord608
ProcCallEngine
ord535
ord536
ord100
ord616
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 384B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ