Static task: static1
Behavioral task: behavioral1
Sample: 731b375315d471b6d4c521aafdb7d059_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 731b375315d471b6d4c521aafdb7d059_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 731b375315d471b6d4c521aafdb7d059_JaffaCakes118
Size: 910KB
MD5: 731b375315d471b6d4c521aafdb7d059
SHA1: ff58197179f54d49db8aa698057f4b7c0c0de788
SHA256: 563734356596c657ed114ac367b03c4bd71185cd5f49f798e07999fcdd5bf813
SHA512: e5fdc10cfbee59d3cad00cb9b855763e375ce8b766a3b42c2db57f4d67df3ec00cb0bd187ca16e759bac15f980dbc5455e45e4d689899d1c3bda50c16bc5e4f5
SSDEEP: 24576:A+ivXbZrAJrr186rmIWgVRFyIMQ5xv+UXmRE43ss:A+OXbxz8JWgg5Q5kemRR8s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 731b375315d471b6d4c521aafdb7d059_JaffaCakes118
Files
731b375315d471b6d4c521aafdb7d059_JaffaCakes118.exe windows:4 windows x86 arch:x86
8b882453a4787c640876aa61fa204ce6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord694
MethCallEngine
EVENT_SINK_Invoke
ord516
ord518
ord552
Zombie_GetTypeInfo
ord592
ord593
ord594
ord595
ord598
ord706
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
ord563
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord607
ord608
ord716
ord717
ord319
ord533
ProcCallEngine
ord644
ord537
ord681
ord576
ord685
ord578
ord100
ord579
ord610
ord320
ord321
ord616
ord617
ord619
ord542
ord580
ord581
Sections
.text Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE