5fbd921967d83e13dfd0bdccfb86c002_JaffaCakes118 | Triage

Sharing

General

Target

5fbd921967d83e13dfd0bdccfb86c002_JaffaCakes118
Size

431KB
MD5

5fbd921967d83e13dfd0bdccfb86c002
SHA1

6b48e4f6e8dc0ffc424f2502403d8e3e9288e256
SHA256

4b41bf354c73d96823bffdcb479bcad5dd37ed46d7f21c4a2e7823cf3aa89ef4
SHA512

c3cebeef7008d071604a3527f9289a0b317a442b4efeba0e9c972ed7e3bdc6166770eff74d681245675d2985282bb40633b9f2d73f924b2151fde5b3dc2700fc
SSDEEP

3072:EbBBXUvgDwM0B89kUptz3V2ndtMjL8E87LuOBTqyZ:fQkUpx3YkaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fbd921967d83e13dfd0bdccfb86c002_JaffaCakes118

Files

5fbd921967d83e13dfd0bdccfb86c002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97f63216add6b9462018d5e5a2dee29b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord595
ord598
ord631
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord713
ord608
ord717
ProcCallEngine
ord537
ord645
ord648
ord570
ord681
ord685
ord578
ord100
ord581

Sections

.text
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE