89055ad43cd4e6fbdaa163d617128ee7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89055ad43cd4e6fbdaa163d617128ee7_JaffaCakes118
Size

16KB
MD5

89055ad43cd4e6fbdaa163d617128ee7
SHA1

cfb0aa8e754548d420ffeb5d956ea52340f719e7
SHA256

4a26e312e427cfda9457e16676f598115e2a92e1d697487ab97cc3532dde8c9f
SHA512

a730dee6ee9542a95778e50be914d7a82a18218cbbe005cfc0b0f052756fdf87da0d212ff0ca022055c2b78a19bf32c24b6663a9d1437b73ee88d132628e5aee
SSDEEP

192:n7dZLNfUpjdiE5gK1gKzuiDl8f5vCYAIkCyis7E+:neCE5pPZqNCYAIkCyiD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89055ad43cd4e6fbdaa163d617128ee7_JaffaCakes118

Files

89055ad43cd4e6fbdaa163d617128ee7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e4fbd60deb977ac119c418da2938fc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord648
ord570
ord685
ord578
ord100

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ