7152f15502418c474b3987c2e0113f53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7152f15502418c474b3987c2e0113f53_JaffaCakes118
Size

16KB
MD5

7152f15502418c474b3987c2e0113f53
SHA1

7acb6b3517a3bc7727567f44e2f50c270caed85e
SHA256

30f7cafd3a860812f0470b6210725719320c73e0b1ab68d5b4d50c646686cc80
SHA512

7007903bf0e3f4c13f3fd89ad531dbc54084718ab39a9eccbf211091007b7c94374f988e58b915f206cdc58830928efa3f35f259a3e3e8cdd29d7f8185ef8744
SSDEEP

96:8irUnBx/6CdwFCFb/8TB/tcdDd/fc/fiPWBVvEN2:L4f6hEp/8TB1cdNfAftEN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7152f15502418c474b3987c2e0113f53_JaffaCakes118

Files

7152f15502418c474b3987c2e0113f53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41524f59e98a6749a11ab0ac6253ffee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord518
ord626
ord520
ord631
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord716
ProcCallEngine
ord537
ord685
ord100

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ