8d0bddc8da8678c683e691b68701904d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d0bddc8da8678c683e691b68701904d_JaffaCakes118
Size

540KB
MD5

8d0bddc8da8678c683e691b68701904d
SHA1

6ae647a2b0fc5c6e7a8f41c1840d7c2015317d12
SHA256

4481abd7d2f2dd8a2fc8bde70a92852dbe942d6990ce43e07db4d031dd023020
SHA512

3d04d168f9795d5e124a8935df23c24f6830a2497710a4588701c460e8c4a2a78c200acf1e3b60e3a19311de091988d899839d598b9948a0d5bdc0d8184a8901
SSDEEP

6144:4aVEFsjHiYMYcIJBSpHhLt9lsawvE+cmGqYcTNewm0gFg1YuyvmgvEPgcm1hXvE7:6nG8pHDbP+n85w2Fg1YuyObP3QvkgzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d0bddc8da8678c683e691b68701904d_JaffaCakes118

Files

8d0bddc8da8678c683e691b68701904d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

993c2d2dc5c7b5ea3ed3ed2b7df996d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord667
ord592
ord523
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord571
ord576
ord100
ord616
ord617
ord580

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ