6342d862b0943edbc4a4e571c07e575d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6342d862b0943edbc4a4e571c07e575d_JaffaCakes118
Size

34KB
MD5

6342d862b0943edbc4a4e571c07e575d
SHA1

d7d47e0042232c3bdb2a6b87a7416766da002f24
SHA256

2a5f07efb5ac1c021b99eba39d46cecdd04bae8298af577f7190c432f705838b
SHA512

7f377516504a6b00536e98e4bcc6d879c77397f910121144e638a31eeeb5adc883b7c363e7d8bbb56f57015f05828e1e047b1a7d37e9d97bc5064f253d2011e1
SSDEEP

384:fF8PfdAPUx5rgYs9uotyODyetlBMc3LWhWt8m+AnoNfTVJefophXjPqWJWKCGxG4:fydAPUx5rgz7yktShWt8CCBJeforxG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6342d862b0943edbc4a4e571c07e575d_JaffaCakes118

Files

6342d862b0943edbc4a4e571c07e575d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01bbc0a7f739896a852cf10e5b5eb980

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

ord516
ord517
ord518
ord593
ord595
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ProcCallEngine
ord537
ord570
ord576
ord100
ord616
ord617
ord618

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ