8427d1b271cde2d8e704739da3a75b4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8427d1b271cde2d8e704739da3a75b4a_JaffaCakes118
Size

22KB
MD5

8427d1b271cde2d8e704739da3a75b4a
SHA1

9cbb0db67adc08a28bc12418cb199f85ea615f94
SHA256

dbfc9d7271904479aff791e47e9d1bfdee1fb8379cab3b6592ec0e90f5360cfb
SHA512

21493bab6e8dc465aa4a5e5dc42e13ce58a7547e0d639b31455eebb2626d67faaf9cf0af7597769735d2376c87126d952314a57d816ee30936b850c1c3b44423
SSDEEP

384:fjNeCu59PhFXxI+U6PGSy7oon76By8Hdogg6GJCsIedf1dv:f09vBI+U6OxV+Byed5g6YCsIMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MULTIDOC.EXE

Files

8427d1b271cde2d8e704739da3a75b4a_JaffaCakes118
.rar
MOD1.FRM
.vbs
MOD1.FRX
MULTIDOC.EXE
.exe windows:4 windows x86 arch:x86

d9d638f2761666bb174607177cf6d39e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

MethCallEngine
ord518
ord669
ord595
ord632
EVENT_SINK_AddRef
ord528
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord685
ord100
ord617
ord619

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MULTIDOC.VBP
MULTIDOC.VBW
下载说明.htm
.html .js polyglot