6cbbc14281cc1a523768e08fdf560ca5_JaffaCakes118 | Triage

Sharing

General

Target

6cbbc14281cc1a523768e08fdf560ca5_JaffaCakes118
Size

444KB
MD5

6cbbc14281cc1a523768e08fdf560ca5
SHA1

2f7500d8ac1daac3a01db854ab3290a60bab0da7
SHA256

507e3fe13e1cf3f67437eb9f895b647972127060c42521dfd93a63f32e6613cd
SHA512

3564c9f57e31f7b5d349d925f11835567ea90aab47a78850f23c397d5bb902325a0502a972923eee5fc6af736b6e9f309bffdfa9e8e7f382e3f40459ce994829
SSDEEP

6144:k1lcF4A2Dwx13Vi7ACOmnjC/+80k/4CLzzFuuuTH7Mcs1l:k1GFfDx13V/hmjC6I4nHs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cbbc14281cc1a523768e08fdf560ca5_JaffaCakes118

Files

6cbbc14281cc1a523768e08fdf560ca5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5651218451ae3929f05b9bf60dd5683c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord646
ord573
ord681
ord100
ord613
ord650
ord546

Sections

.text
Size: 408KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ