635804258c3685083333fe668a7030ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

635804258c3685083333fe668a7030ce_JaffaCakes118
Size

60KB
MD5

635804258c3685083333fe668a7030ce
SHA1

a34f15ab2ad0fb167b01ef6de2f23e94d48e942f
SHA256

059938004359b61639d9309b9f18d291071c718686cb8dff259d5a59f8ed9e5f
SHA512

0464d6217938e8cdabcc3ae0e15203e99a93c386e679e29e688ee62c081f0a4541c1ad50a99cc08527b56b6e9b63e4980982502db74d520c2190f696b8f0c108
SSDEEP

768:Xur/SCCKf3/8DrrUv+Qy5v93JZL/zhnLdgdhfmGdbksTtYEkXVo6vqws0bNHBZbu:e7f3/8DrriupevkIvkFtiH0pBhu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
635804258c3685083333fe668a7030ce_JaffaCakes118

Files

635804258c3685083333fe668a7030ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91e9c6290b84a8df9e354ed71c741d06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord665
ord593
ord594
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord670
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord648
ord570
ord681
ord685
ord100

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ