62f43751e890a3e04a0e42b329b67538_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62f43751e890a3e04a0e42b329b67538_JaffaCakes118
Size

395KB
MD5

62f43751e890a3e04a0e42b329b67538
SHA1

b4bd29226ab5c6db3f858aa8b24e8ac390b9495d
SHA256

062d0fbde730c9ce1f54b20a6640ce839362be7658ec2c0ecbdafcf40bf40a08
SHA512

17e584ca29245f347d6c165be9f964b6f0e06b3049011d68aaa3a8a0c2f63ab6c39cde0b1aa520699fb5b7b44f86ee3e4a65a45c85933f5a21b5f10fe41141fd
SSDEEP

6144:DN4vBAaDpa/zPAH1C4Pc0nfPWpxM+fRMlM2Nwg7iv8kMgI1l:DN6BAaD2DAY8cWfPGM63g7iv8kMgA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f43751e890a3e04a0e42b329b67538_JaffaCakes118

Files

62f43751e890a3e04a0e42b329b67538_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f570c411206e82357308fce494fabc96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord621
ord516
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord607
ord717
ProcCallEngine
ord644
ord537
ord570
ord573
ord100
ord619

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ