7601448735318f9aed4f882a02f24f6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7601448735318f9aed4f882a02f24f6b_JaffaCakes118
Size

136KB
MD5

7601448735318f9aed4f882a02f24f6b
SHA1

23feac5785982f97ecfedabce4d2505e91ed9c5f
SHA256

343501f6c1cfeb44a7694e4116bbbaa05d10877979005c0a2503433918b4ba6d
SHA512

a3367e9f474d8feef1f3eaa2aa147ab15ccab42738de1c6118d1423d445d9a3bdde735f64634aad36525bbffd3356e26b11b67d9e74ea9ade51aedb831132840
SSDEEP

3072:705zH41mVSxp/AMi86yEXkqSCDXjZfWNU2AxE2:7GzH41JlL4XklQjZQua2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7601448735318f9aed4f882a02f24f6b_JaffaCakes118

Files

7601448735318f9aed4f882a02f24f6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb6f38be18b4aa522d212d68e35dbad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ