8220a5dd24e2667b8e1332512815a7e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8220a5dd24e2667b8e1332512815a7e7_JaffaCakes118
Size

56KB
MD5

8220a5dd24e2667b8e1332512815a7e7
SHA1

8314e8be31daf9366df5106fe59ce34f72f6e49c
SHA256

5356acd58c906ce8edee22aaf49b4cee192d025c020d5c07512eecaf20aacb0b
SHA512

b325a751e5ddbadd4401150ae789af7c9f0ae4a7ba45adb8b77d533c62b80f38c5fcb8b34430625a4f95c61fe6c892291f6c984841e64cad072308f4d4e6ff14
SSDEEP

384:yxeUZkk7T50RRPKPXa5rKmk4tdxdRjiWuBp+iNq+ctkAlsOhRztis2/NmE/LmpED:KZH59TwJ8cgs2oma9+s3NLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8220a5dd24e2667b8e1332512815a7e7_JaffaCakes118

Files

8220a5dd24e2667b8e1332512815a7e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e55912dd339867017d9f9fa7b7292a67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord628
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ