863e31375270f272b1f45fc0165c0868_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

863e31375270f272b1f45fc0165c0868_JaffaCakes118
Size

24KB
MD5

863e31375270f272b1f45fc0165c0868
SHA1

d5ba639284c2b6dcab28b05e8a19c0c51c7cebde
SHA256

32e1eb1d28e7dafe1cdc652811908b3264d060f25c83d8fdeb791fd7cb82f562
SHA512

5d054525fa69ef1d345f5353da3d6623dc1c830778eaf12a53b122763d665e142822bfa84a61bcd2b5bd55eea7165ee2668a8359e549b02658ef5fc19c0828d4
SSDEEP

384:USttDD74mVaNjdqHH2hS4wkkWHH2hS4wkkQo:USrDD7JVWcbkPWcbko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
863e31375270f272b1f45fc0165c0868_JaffaCakes118

Files

863e31375270f272b1f45fc0165c0868_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91e6d8b6805303b55c3f698117c06f00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord516
ord709
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord100
ord689
ord610
ord617

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ