7366b42e6b91afd345b8df2f32e06c70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7366b42e6b91afd345b8df2f32e06c70_JaffaCakes118
Size

534KB
MD5

7366b42e6b91afd345b8df2f32e06c70
SHA1

162602b0bda14526186d605e9605c96e50be49e8
SHA256

2045ec0fdd2d1cd6310f74ff6da22d0bab7748d2b96a8830c12535bb42e9102c
SHA512

f9ee6467ec537bbd5447539ab74d1cfc850afa7717446a6e06359a31bb0380abfdacc48098050725028d9d19ef92578680e2f9cfeeaa41d32b1daed373214d3d
SSDEEP

6144:YUG1GCwehM2h0jUUOr4O7xFJ9uIOOtX4sF+1IpTbmc/:wPhM1jsMk5AcTC4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7366b42e6b91afd345b8df2f32e06c70_JaffaCakes118

Files

7366b42e6b91afd345b8df2f32e06c70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29e2976b1fd97a1c57c8afd17b8c319a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaVarTstGt

Sections

pec1
Size: 141KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 358KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE