Static task: static1
Behavioral task: behavioral1
Sample: 7844f98ab202902da10bdfa3e7c6eb95_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 7844f98ab202902da10bdfa3e7c6eb95_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 7844f98ab202902da10bdfa3e7c6eb95_JaffaCakes118
Size: 208KB
MD5: 7844f98ab202902da10bdfa3e7c6eb95
SHA1: 31c6c5ed5ea1e3a3892b78b60bd7f898456525a2
SHA256: 18ae6ca5211c033b055ab799f4dabcc7a1d1c590716911cd9e8f9589bfb065ee
SHA512: 0032a680d1bf639969c39ea3c49663855ec4ef6a42694f66b2963b0653fda280494368026f988b072f484958407b3e046815e2003ef9fa7c318f80a6170ade6c
SSDEEP: 3072:OMpPS2gwtr+w6aKmKM3BNtvd5BhkCxKDZz3cvZ8d7NdaJ0NbDr1vPgg:Oyt3LZIluvZ8VmJKDZL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7844f98ab202902da10bdfa3e7c6eb95_JaffaCakes118
Files
7844f98ab202902da10bdfa3e7c6eb95_JaffaCakes118.exe windows:4 windows x86 arch:x86
3df6f2e35bcc65f52966e1ad4c003025
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
winmm
mciSendStringA
user32
LoadIconA
msvbvm60
ord696
ord697
ord698
MethCallEngine
ord517
ord519
ord666
ord667
ord593
ord300
ord594
ord301
ord595
ord303
ord599
ord306
ord307
ord309
ord709
ord631
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord531
ord716
ord717
ProcCallEngine
ord644
ord537
ord576
ord685
ord100
ord616
ord617
ord618
ord580
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 107KB
IMAGE_SCN_MEM_READ