6787c14cc5b6cb633b5d33d6a00bfd30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6787c14cc5b6cb633b5d33d6a00bfd30_JaffaCakes118
Size

28KB
MD5

6787c14cc5b6cb633b5d33d6a00bfd30
SHA1

d28dc14875a37831b7a596a37b9883edb222dd4a
SHA256

2de0d259f3e3904fb55108032c0c6daaa21404db65c546ce2f527832ae9011da
SHA512

5569c328eac28338498bd9eacef68ae62dc953a5b214808223505c945d6e2bc033da6ac223bde83d1adc510027ca65b5af2a8e06bdab4cf21e7f42c77d2a79bf
SSDEEP

384:JYs0gP3Nh6/lxliGRtPlqxAoOUm+zK8UK:dBwMmExAoOUmEj5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6787c14cc5b6cb633b5d33d6a00bfd30_JaffaCakes118

Files

6787c14cc5b6cb633b5d33d6a00bfd30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

451419c8070ac6ac6a433ae78e670ff7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord626
ord666
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord562
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord716
ord717
ProcCallEngine
ord644
ord648
ord572
ord100
ord617

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 7B - Virtual size: 7B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avg
Size: 91B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7B - Virtual size: 7B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avira
Size: 91B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE