6825fa5f267c2896d79c37792f5603b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6825fa5f267c2896d79c37792f5603b7_JaffaCakes118
Size

24KB
MD5

6825fa5f267c2896d79c37792f5603b7
SHA1

dd4ee02936d0af90ade4c864bad58c4e9a5add97
SHA256

42b5b4249f64926a08da3a27675ad21cbe9da8c218114c9faae2f32d8a4e87b2
SHA512

c983952b3170743bcdf14d3050bf29c5dd02a0815a23f4011dc24f2c18e192a12d9747f8abdb236de20b5ddc185b2e3845e3124080c7f443fee9cc21aeadf980
SSDEEP

192:RXFL+MQhDA5PHUePLMnHmxHFZ5uUFQpKT9Hp7VxS0vXPdry1KS4o:LdwDovUeDMGWOHp7Vx721yo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6825fa5f267c2896d79c37792f5603b7_JaffaCakes118

Files

6825fa5f267c2896d79c37792f5603b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27fb979902bff02e7148176166220a74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord631
ord709
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord537
ord644
ord100
ord689
ord610
ord617

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ