Static task
static1
Behavioral task
behavioral1
Sample
787f0435247077c33c6859260467716c_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
787f0435247077c33c6859260467716c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
787f0435247077c33c6859260467716c_JaffaCakes118
Size
3.2MB
MD5
787f0435247077c33c6859260467716c
SHA1
78a461add5ab3870f8dd22550220192036059ceb
SHA256
f0c4b5d6f341c18c6f3dd30e421afe376e865f6415bcc7e3046b6eef4e614dee
SHA512
9f2f6047d40de97c449d1410320c5362098d591afa957156fe6b88928eda8328eb214667b8aad8e73b1f797762a88fc17a29a48af52e3faf61f24fd09873c5ab
SSDEEP
24576:gqz+pksQgf8/Pf8/yksQgf8/Pf8/D2SVxVDf8/Pf8/IQDG:4+sQmsQgxVzQ6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 787f0435247077c33c6859260467716c_JaffaCakes118
Files
787f0435247077c33c6859260467716c_JaffaCakes118.exe windows:4 windows x86 arch:x86
17a77241afd6cbbb28bc2aa0c17f2559
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord582
ord583
ord588
ord589
MethCallEngine
ord516
ord519
ord595
ord598
ord520
ord631
ord632
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord717
ord534
ProcCallEngine
ord537
ord647
ord571
ord572
ord573
ord681
ord100
ord610
ord612
ord617
ord619
ord543
ord544
ord547
ord581
Sections
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 352KB - Virtual size: 351KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ