9397a55f922d1a6e3ffcd118ddf13f11_JaffaCakes118 | Triage

Sharing

General

Target

9397a55f922d1a6e3ffcd118ddf13f11_JaffaCakes118
Size

26KB
MD5

9397a55f922d1a6e3ffcd118ddf13f11
SHA1

913ac533cc65804c4a1010ea054c04d4dcb42666
SHA256

ebcc1b2a65ebaf2cb024c901b1c37f51f9be4c1dd80a1fbe16806f640b0425a8
SHA512

c716e40ad39acdb2e512873228bd6e2d23562417b1323d482147d9fff952ec9340ae7376ab89c16282069c044b6a7b6477e81724ff64fbf53a687548bdc78be7
SSDEEP

384:qhK1RwkOWUe5JJO7BaM24okHygooHIYcpG9v6aDcpjZ7q:qhiRbOpEPABp2R2yvofcEJupd7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9397a55f922d1a6e3ffcd118ddf13f11_JaffaCakes118

Files

9397a55f922d1a6e3ffcd118ddf13f11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

835c179b42e77c97cbbc2572d20a65b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord518
ord598
ord709
ord631
ord632
DllFunctionCall
__vbaExceptHandler
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord573
ord576
ord100
ord616
ord618
ord580

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ