6326b58e93ebcbad54a43918888628b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6326b58e93ebcbad54a43918888628b1_JaffaCakes118
Size

9KB
MD5

6326b58e93ebcbad54a43918888628b1
SHA1

ebb141646a73293d1f7524eed880a5c091f09e46
SHA256

69daf597c58898596e1a4b02b05c7e4a592fae66d57e9b01709c92a49947e7ad
SHA512

37285c162aaa7e1b896c90d55775822085deec2c0c9f0897c72dbbabd1cf7d74dd9929fcc012de653e772ce686d89fbef5ae7dd3b9b03974b5d7ce3934fff4d1
SSDEEP

96:uCRSC2HFbKHD6lv/mKxVcsFhmoVNsWMzHvbEi2h+M:lRIFGHD6XwNvYib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6326b58e93ebcbad54a43918888628b1_JaffaCakes118

Files

6326b58e93ebcbad54a43918888628b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85bef8eaca2b10371cc3bd98c7d014a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

MethCallEngine
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord571
ord100
ord610
ord617
ord548

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ