72c9523734036bc0b40ec63c89987ba3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72c9523734036bc0b40ec63c89987ba3_JaffaCakes118
Size

328KB
MD5

72c9523734036bc0b40ec63c89987ba3
SHA1

64243caa270146fa8c89dc873cfdb92ab0b21305
SHA256

4ffc1bd56db1ecd0ec8de6e6da8043e3107104273971f5e217c539e06c7ecc45
SHA512

cd5c6a6e8a174202531855b870107eef5e2ce4662de1c853c27aef4869c2651a59be23a939ff998dd035c385afd4b04e8b3fa3a5236826e5ea2c981595db309b
SSDEEP

6144:SITJ9XnUfAUf3/7zUfb9mW5NVdhwMnLYnRubQ:SIbXnUj3DzUfbVN2gLg0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c9523734036bc0b40ec63c89987ba3_JaffaCakes118

Files

72c9523734036bc0b40ec63c89987ba3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aed45ea22f4bde3959abbbb1dc46cde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord558
ord595
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord608
ProcCallEngine
ord535
ord537
ord648
ord571
ord100
ord616
ord617
ord619
ord581

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ