6fffdd3cbffff6eccf27cdf3aa6a15b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fffdd3cbffff6eccf27cdf3aa6a15b3_JaffaCakes118
Size

796KB
MD5

6fffdd3cbffff6eccf27cdf3aa6a15b3
SHA1

ba0876adc66c1306b91f4d0c420634042bbcbd31
SHA256

3b8d6425092a2a6b1d9340c1496014d37332c2161fc7702262edac90eca9db83
SHA512

206b7f8e767c2870e26c4b1a06424b17c8d986567bdb58db76494a3ab46c4696b2b303b9384445266d7b77f7d634755a67aef5d5edf33989ba8c64b4109e21d5
SSDEEP

12288:dvvA3xP3vu5xpEKbDkFOAT6vu5xpEKbDkFOAT:tvA3x3uWzz8uWzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fffdd3cbffff6eccf27cdf3aa6a15b3_JaffaCakes118

Files

6fffdd3cbffff6eccf27cdf3aa6a15b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c7e4e8382ec73a47d1e0778e4135d0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord594
ord595
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord608
ord717
ProcCallEngine
ord535
ord648
ord570
ord685
ord100
ord616

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 476KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ