60887bdca735acc62a428365baa11f33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60887bdca735acc62a428365baa11f33_JaffaCakes118
Size

14KB
MD5

60887bdca735acc62a428365baa11f33
SHA1

1514727cdf16a64edc880655e6cfe062516e3841
SHA256

bd347cf71da06b7da0d0738d5fccfb44542e3cfdb8e8f27a749eaed33af82413
SHA512

e4261c741de3e5f2d64e2ab1c4cc641fbe2debb720e5a0d02042a2e4a81d316bd08cf6ac3de34c135e7b403a8a00636d9f22e9e44cc60ff6f1536a070c16b7da
SSDEEP

192:nYbYBDCVgrwX6jOfuk86jFMpF7X0JTgFLY2Ec:pDQ9VVFMf7X0JKY2Ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60887bdca735acc62a428365baa11f33_JaffaCakes118

Files

60887bdca735acc62a428365baa11f33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66cab16519f2ac9273b1033c7d0f5ae0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ProcCallEngine
ord537
ord644
ord573
ord100
ord619
ord581

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ