649d903b15baf57b91676a6b9c7fa7f6_JaffaCakes118 | Triage

Sharing

General

Target

649d903b15baf57b91676a6b9c7fa7f6_JaffaCakes118
Size

534KB
MD5

649d903b15baf57b91676a6b9c7fa7f6
SHA1

c948c898402743f83913379263970a32115f6303
SHA256

da61886931b74de5f304089cb3302fa168b0718a30641bab9c4c18c7a4820c4a
SHA512

024809c2ed81a0fd70c7a38351f6b94a9f248186f4661def87a726f5c03d9b9bfa0fd39148f66774a49d9e2251658e3255e1664842243c70803c08927172a252
SSDEEP

12288:Jl9OPpduJligNbin0JNvqFFoPpZcmbIR6KOPpduJli6:JlIRduJ0gNO0JNvq7EjMRkRduJ06

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
649d903b15baf57b91676a6b9c7fa7f6_JaffaCakes118

Files

649d903b15baf57b91676a6b9c7fa7f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51fe4dec9176e4a59ed20e0c9af508de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord667
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord608
ord717
ProcCallEngine
ord570
ord681
ord100

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Sm0kes
Size: 515KB - Virtual size: 516KB

IMAGE_SCN_MEM_WRITE