72eb910844f077fba390204f26540293_JaffaCakes118 | Triage

Sharing

General

Target

72eb910844f077fba390204f26540293_JaffaCakes118
Size

284KB
MD5

72eb910844f077fba390204f26540293
SHA1

bbc6b6b23f4ada8fc68c76ea6ec78eb5f45cd6b3
SHA256

d826c611294532684ba8dd4060337a1cc4316b8b2b31234b394d95391c6687bc
SHA512

0eea82789c34a98b20a7bf84d40d4054c486246dda9db0f2f92b310981447735679e6f973b81e06830c8b2689ca3e4ca4b2e0ae9a79346e009893c2ea61bcf52
SSDEEP

1536:UM0YCtkMxpd4+R8k40N8QtlNlOm+We2unfGiuaog4gRglJR0Cyp4LiRaqrT7DtTN:JGgC5f+J9fdTG8Bfl1921JyWEG2Sa+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72eb910844f077fba390204f26540293_JaffaCakes118

Files

72eb910844f077fba390204f26540293_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b058615eeccf924df0413f344b8a541e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord662
ord300
ord301
ord595
ord596
ord598
ord306
ord520
ord307
ord631
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
ord564
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord317
ord318
ord717
ProcCallEngine
ord535
ord537
ord572
ord573
ord681
ord100
ord689
ord610
ord612
ord613
ord616
ord617
ord619
ord546
ord581

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ