941c366f5ba4592a0c41d9333cd4742a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

941c366f5ba4592a0c41d9333cd4742a_JaffaCakes118
Size

20KB
MD5

941c366f5ba4592a0c41d9333cd4742a
SHA1

3782f462b02d44129f3231b8481dc989d14920a9
SHA256

cca2d3acdc96c68943191ff3d9981ef23fffedf8f42cd4f477e4f2666f3e1452
SHA512

590fa56de33b533c0476e0ac6c1ff745e2deef88762944cfb74d216f162be77c94ccda83e3f48c1437f9917c658da2245f5289efef8db79f8570e1ba8ff0d015
SSDEEP

192:eygHJ067dTU26uGJIPddXX0/uXC/PTXXG/jTXXS/OH6IPrZux:AhTU2YJ0XX0mXCHTXXG7TXXS2H66s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
941c366f5ba4592a0c41d9333cd4742a_JaffaCakes118

Files

941c366f5ba4592a0c41d9333cd4742a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c485c87e130faf3245c60f2ffd85839b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord570
ord681
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ