8d44b443a4ba7e18bab006e08942c5e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d44b443a4ba7e18bab006e08942c5e4_JaffaCakes118
Size

48KB
MD5

8d44b443a4ba7e18bab006e08942c5e4
SHA1

17635714c8178f7a3eefec58bb59af7bfa317ae0
SHA256

1b728fdc080898e0544b8492dec566665abc855ddfacb6f5db5a27aaa5dbea43
SHA512

b8a2fe68d08e4dc1c17b1c416b36b2b430ed81e1e0ff2b9db396141cb1116664dadcc682adbdec80911d34d49235cb6ceaad0be1774005af01c75b9548ec06c3
SSDEEP

192:Eufr687giSxraR2m8BIbpTDPbwGWXrfppxJJK9It5YYz1wKnlj2uVKc4WDbNHXSw:tz6WUz9BIbtOXrxrK9It5NljzPBj5XJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d44b443a4ba7e18bab006e08942c5e4_JaffaCakes118

Files

8d44b443a4ba7e18bab006e08942c5e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

587424791d4c7cb591257f7dca12d7ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.scpack
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ