77d4a94cc1de075760bc99961f10e3b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77d4a94cc1de075760bc99961f10e3b4_JaffaCakes118
Size

108KB
MD5

77d4a94cc1de075760bc99961f10e3b4
SHA1

061e66c801e0bb1cdb176e9ffe06c336c7e8b922
SHA256

a8f2e810a377f5a41628a6b499b1f6a5eda48a3d4e1b7c59e02c487d2f0ce111
SHA512

0ee605fbababa576abc964a63c398c65e31c691fcf07aa6ddf6da4e8cf16912999a302c34e273375c516916d7b62beecbce9f57ebcc585fe9f977d4f71e1611b
SSDEEP

1536:7obI+v4KHqn8K5N7K2ATfnGyIWYNiuXKGgHDUcZD:7oTQKHk8K5VuqyYlcZD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77d4a94cc1de075760bc99961f10e3b4_JaffaCakes118

Files

77d4a94cc1de075760bc99961f10e3b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bef37a39793ab3edd4746349b679ce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory

msvbvm60

MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord608
ProcCallEngine
ord644
ord572
ord100
ord616
ord618
ord581

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ