81fb87e53c462fd41707f9c8c082b14c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81fb87e53c462fd41707f9c8c082b14c_JaffaCakes118
Size

44KB
MD5

81fb87e53c462fd41707f9c8c082b14c
SHA1

57f34c4c0eb6b60217c2d98ca8ae3be7ac75f9fb
SHA256

4c6e0f44217fe4a6e13dd7fec920d12fef8ff3f2b9f190ea94663b1982609386
SHA512

c2f2fc9139733a736284af91512f94460bf615c36577a2e3afab303b98126dbed9d5b2cfb2c36890280ff147f4ead175b1ce1fd17a4ee147d29b8d5bd85176a5
SSDEEP

768:lowVa3helzDhN5ebEz9dh8yEGpIE4XNG8S7Wcbk:lf44hjeSdQE4XC7Wcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81fb87e53c462fd41707f9c8c082b14c_JaffaCakes118

Files

81fb87e53c462fd41707f9c8c082b14c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f51070681b2311fe57362bb09f8a6f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord696
MethCallEngine
ord516
ord626
ord666
ord595
ord598
ord631
ord632
ord525
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
ord563
ord670
ord569
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord714
ord608
ord531
ord716
ord532
ProcCallEngine
ord537
ord644
ord570
ord648
ord681
ord577
ord578
ord685
ord100
ord689
ord616
ord617
ord619
ord580
ord581

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ