697fc3f4b73ceb6b57f2d4ab9a0b0006_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

697fc3f4b73ceb6b57f2d4ab9a0b0006_JaffaCakes118
Size

280KB
MD5

697fc3f4b73ceb6b57f2d4ab9a0b0006
SHA1

07cadc0305c336c31f54a5567573e6bbfa424494
SHA256

00c64b1eaa6d96a0459d6e6b18b145ee2c5ad63bc69ed9d1e653a37d2c52d2d5
SHA512

ae55a32bba34dff5bc8fdbef94130e220b83ebb3d41e39bf459677aa7ac7b3c3fbd577ae68f76b8db81e462ad5bccd0713a9127474bd8ce260ef27eda6cda531
SSDEEP

6144:504m1np8/d4dT4Sh2qMVFCrCdIyMSV9s/jfyJx5F:5MSlmT/3cFCoMe9s/OJDF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
697fc3f4b73ceb6b57f2d4ab9a0b0006_JaffaCakes118

Files

697fc3f4b73ceb6b57f2d4ab9a0b0006_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e138c21e5727a62531575958e410ffb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord598
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord537
ord570
ord681
ord100
ord581

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ