61cf889404b376f982aa03cbaf776209_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61cf889404b376f982aa03cbaf776209_JaffaCakes118
Size

16KB
MD5

61cf889404b376f982aa03cbaf776209
SHA1

dfdec1bf8d53f34ee520c2c3398798251d567faf
SHA256

16799675cb3095cf974e2a33419946e753b977399e521eb2a7449d4c37d930da
SHA512

9d303e6e04b26cad4daaa2d88c6f9a147722b089e1ffa4be92415fa945a1ad886827f2b9efc82dab76d659a05efa76820799d531751c4f20f1297ff99a0150e4
SSDEEP

96:u97P8DAVWMjlGSfCEtMHL+vqG6bZ8yb9muf9WpOhqU2:GjVWMj9fDmw6tNqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61cf889404b376f982aa03cbaf776209_JaffaCakes118

Files

61cf889404b376f982aa03cbaf776209_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19d51100fd25cdbd7e4ec839058a33d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord518
ord598
ord632
ord525
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ProcCallEngine
ord537
ord570
ord100
ord616
ord581

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ