8995c97063c54cd94260c528c6af18e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8995c97063c54cd94260c528c6af18e2_JaffaCakes118
Size

324KB
MD5

8995c97063c54cd94260c528c6af18e2
SHA1

678d4285eee8139ddc1dbc1ac7d1abb9c07d9e52
SHA256

0cff7d1947e813d7c9cfad93dc33d07f0a4f7262190f532d6ddc7e51caeceb17
SHA512

371530a9b4d48b6557956a668e0ff3b71a1c55fe87db17756783a1252092a20d45866399a5651e71de6fc5a54e02408f736484c185d5d9c1e0951da50b245971
SSDEEP

3072:BKloQSrkKgRENEI5apGTwQqVMTW0hiJDeazl2fxIiiziY:p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8995c97063c54cd94260c528c6af18e2_JaffaCakes118

Files

8995c97063c54cd94260c528c6af18e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb21ecb4548c6943a3a6db57a9aeaae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ