5fd192cb8dc43fc6008d4070a77c2159_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fd192cb8dc43fc6008d4070a77c2159_JaffaCakes118
Size

256KB
MD5

5fd192cb8dc43fc6008d4070a77c2159
SHA1

ef53c0994f3c7c0ea38e5b7e353a37c7bb0f8e48
SHA256

8411b1bcd725b2c414d86ae596ca54c2b5f063031e3242a3ca5331c08223b676
SHA512

4c553ed1ff61f010281fed1b2490a83de18a7468b45619fa5336764952d7364eba46a0c15fde229e635219a11a98a1bdb8cb536345bac035e78a08ddb23b8fc3
SSDEEP

3072:WI/tn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4EX:vkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd192cb8dc43fc6008d4070a77c2159_JaffaCakes118

Files

5fd192cb8dc43fc6008d4070a77c2159_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb21ecb4548c6943a3a6db57a9aeaae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 247KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ