63e267ce9a33b851262ac0d85fc38f16_JaffaCakes118 | Triage

Sharing

General

Target

63e267ce9a33b851262ac0d85fc38f16_JaffaCakes118
Size

292KB
MD5

63e267ce9a33b851262ac0d85fc38f16
SHA1

c70513b1591d40b08c13fdf334ca1aa15596e3fd
SHA256

196da5f302dd99886719a1bee82ebda024242e235884e8b47fad9a530c5a0a2e
SHA512

fe44a493fbe48e966a6cbc934086563c0ee568601e2b09c2deb477e6b872cfee79f6163a69d9c530806013499a22d37fef56b8cc36876a4dc3b58ebf557d9da6
SSDEEP

3072:NPk/bx/m3jPDm6GmnFuVs91FEOPi18AzGnjiBCeUQ377P8QiMe9uY3N4d3Gs++/t:A15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e267ce9a33b851262ac0d85fc38f16_JaffaCakes118

Files

63e267ce9a33b851262ac0d85fc38f16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c83d9291036687b62b8ae1aa85bdc856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord681
ord100

Sections

.text
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ