6a00fd2995392c217097c49c84c8a898_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a00fd2995392c217097c49c84c8a898_JaffaCakes118
Size

1.2MB
MD5

6a00fd2995392c217097c49c84c8a898
SHA1

010e4b0cbfdf9351216c0ca7f9dce955a3d92262
SHA256

9f68bc69cbd1b1728e4785973f0360af5564b9ee510e9e2aec62937447cbcf34
SHA512

c0a92e568462b8702d0f9753c464e49032406a2ffa681f2c9fc9cebfcc3808417ca51c94d02ddae305ef88cdd744f9743265b7f977b771f72e21f091885a65e5
SSDEEP

24576:dpzu3aMETGFyo1KIKxubGfDjiKk4anB9wR+Xg37ii4xG:dCajyFpCYbGf/u4KcR+27ijxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a00fd2995392c217097c49c84c8a898_JaffaCakes118

Files

6a00fd2995392c217097c49c84c8a898_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1332fc8454ed69bea840c0dc3a3695f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord660
ord666
ord598
ord709
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord607
ord608
ord531
ord645
ord570
ord576
ord100
ord617
ord619
ord546
ord580

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ