863c324e8cb7902bde0604b542bef21d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

863c324e8cb7902bde0604b542bef21d_JaffaCakes118
Size

3.3MB
MD5

863c324e8cb7902bde0604b542bef21d
SHA1

14a31085df471292c28986d06caff7f64144c71c
SHA256

dea295db508b058b8a53f9345c6f07a1591ef5d1c3330a2fe28842a5c3a2f66b
SHA512

6414b321e1d922a15d13d9a42dbb1d992cada56835d9aa75eb8cf44782c3254a6da1380f37e354a9569b1e4f68f807358783344daec0f0e1e3313e53ee8b1a50
SSDEEP

49152:gP1zbBexmGtFEmc57K65BkpO14A+9c1zbBexmGtFEmc57K65BkpO14A+9e2JC:gjEd/Emc5Oy5LEd/Emc5Oy5bP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
863c324e8cb7902bde0604b542bef21d_JaffaCakes118

Files

863c324e8cb7902bde0604b542bef21d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e4a69869c2fcf27485c185556cd0f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord667
ord631
ord632
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord712
ord713
ProcCallEngine
ord537
ord644
ord570
ord573
ord100
ord619

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ