Static task: static1
Behavioral task: behavioral1
Sample: 82dc3548b3bdb2f5ac595a7b10a686b5_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: 82dc3548b3bdb2f5ac595a7b10a686b5_JaffaCakes118
Size: 1.1MB
MD5: 82dc3548b3bdb2f5ac595a7b10a686b5
SHA1: 2fd25bcfb3440d3d9b55e20a6f272def0644fc9e
SHA256: a594312bae733f5b364d85bbb4116a31d5a40617b1e1487a4f1243cc6e15375d
SHA512: 82fe8bca701a04baaf577f70aea7e0fdbf13af4ddbf1422c0a75bba06aaf0e4a9f651e0dc7752326b9a792f53c648a119156467d9b3d3c8c7f1c4d296be10f6d
SSDEEP: 24576:pNh+giDWlMUKfb3QUi1Cqn21DEEZ6yh0u:pn+giEMr8UXsQQEJX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 82dc3548b3bdb2f5ac595a7b10a686b5_JaffaCakes118
Files
82dc3548b3bdb2f5ac595a7b10a686b5_JaffaCakes118.exe windows:4 windows x86 arch:x86
901b1c98eb828c0cac0a1be5ba7a5c8d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord588
ord696
ord697
MethCallEngine
ord517
ord519
__vbaCopyBytes
ord553
ord660
ord667
ord706
ord631
ord525
EVENT_SINK_AddRef
ord528
ord561
DllFunctionCall
ord675
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord530
ord609
ord717
ord533
ProcCallEngine
VarPtr
ord539
ord570
ord648
ord575
ord100
ord610
ord613
ord617
ord618
ord619
ord542
ord545
ord548
ord549
Sections
.text Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 936KB - Virtual size: 932KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ