87833b5c5017593877857064b09bf6e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87833b5c5017593877857064b09bf6e1_JaffaCakes118
Size

256KB
MD5

87833b5c5017593877857064b09bf6e1
SHA1

f4d1e82736fe5a30c5c8cb240056b3e3743cbdcc
SHA256

4f7364fa094872d0eac5af431bbf354adf86abbad9e728e564e88afec3fb43bf
SHA512

a2d797c35d7b04273929ed4e34cbd91ffd7afdf411e9a64bb7e412324871e4f2db3c7eea29d47d71da1e436dada7c88f7a2def63c782c3ec7ab5823a9fd6d3ed
SSDEEP

3072:etn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4E4t1:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87833b5c5017593877857064b09bf6e1_JaffaCakes118

Files

87833b5c5017593877857064b09bf6e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5968ed3782befa6f2e5bbb4b6166a06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord626
ord628
ord666
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord608
ProcCallEngine
ord644
ord572
ord100
ord617

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ