81c2b560fe7e50858a9facb0be1b4287_JaffaCakes118 | Triage

Sharing

General

Target

81c2b560fe7e50858a9facb0be1b4287_JaffaCakes118
Size

252KB
MD5

81c2b560fe7e50858a9facb0be1b4287
SHA1

0c6b23eb776cad75f5794812a6f8684b09cdebe6
SHA256

85a950b494d98f133d88b8e2e2d1527ddc421c08b8b9e4c07a5393faddb77d5c
SHA512

7976c33e6bb6c2d55582c99d3224acd10f46e737c5ebee544ef8b44b6200bd9c7a2ec4a7433f27ee59c7e5c5b30299149db738bf119c39722163bb5fab06b472
SSDEEP

6144:FmCwBmAxKwNATSLjT0QPPPPPPPPPPPPPPPPPPNPPPPPJPPPPPPPPPPPPPPPPPPP3:anzATSLjTBV4tVaA3Pmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81c2b560fe7e50858a9facb0be1b4287_JaffaCakes118

Files

81c2b560fe7e50858a9facb0be1b4287_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bf98c772127cec0aad713dbbbbe30c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord665
ord598
ord631
EVENT_SINK_AddRef
ord527
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord537
ord644
ord100
ord616
ord581

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ