Static task
static1
Behavioral task
behavioral1
Sample
6a969a2a5841684c38938c6c7431b647_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6a969a2a5841684c38938c6c7431b647_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 6a969a2a5841684c38938c6c7431b647_JaffaCakes118
Size: 244KB
MD5: 6a969a2a5841684c38938c6c7431b647
SHA1: 908ac9ec046359d16e4021e75155ab3cb0612d75
SHA256: e1a2be503ce9c2415264ecd5d59ae1cb1fd348ac563dfeb66d1cd0a0619add0f
SHA512: 98ef1732532a496ddb1e19e6d024f5d7eeaaa2f706a205380cdd193946d694f64be2e8cdf49487d03356199474b38b5cbf66a18b9fc4736b8f5aa42b94d139c0
SSDEEP: 3072:frZRboECEWMoUGbUIhG1VUgs6zO5QXGNrtlCw09WaeETgB5m6zp8yqXCdL2pCOvU:5oUWth6Ugs6zHO09WqTgB0dXCtsU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a969a2a5841684c38938c6c7431b647_JaffaCakes118
Files
6a969a2a5841684c38938c6c7431b647_JaffaCakes118.exe windows:4 windows x86 arch:x86
63af7ae5fee2829ed6656756b1a16803
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
winmm
mciSendStringA
user32
LoadIconA
msvbvm60
ord696
ord697
MethCallEngine
ord517
ord519
ord557
ord666
ord667
ord593
ord594
ord595
ord520
ord709
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord560
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord531
ord716
ord717
ProcCallEngine
ord644
ord537
ord681
ord576
ord685
ord100
ord610
ord616
ord617
ord618
ord652
ord580
ord581
Sections
.text Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 106KB
IMAGE_SCN_MEM_READ