941e0d3357873688aeb36e0ab0746b0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

941e0d3357873688aeb36e0ab0746b0a_JaffaCakes118
Size

31KB
MD5

941e0d3357873688aeb36e0ab0746b0a
SHA1

8c48a53aded1a37040a9051a72cacfc0f0c840ac
SHA256

be2050ad415b9b12aa16e8653ef507ad6acd664e7d083c45cb016803853302b9
SHA512

a9960e145445444e359e94d657e2f865c36f6770460e3a715b2a81dca95c6c5db85bb58fd8368dc518a4371833c9d7dde887e14f0df29694c094ea3474a11c94
SSDEEP

768:F5WINBVpSjDzs7e3KR3mU5yHPGo/g8lWGUKumF:F5LJSvz9G3WZumF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
941e0d3357873688aeb36e0ab0746b0a_JaffaCakes118

Files

941e0d3357873688aeb36e0ab0746b0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

165b9e90d34c82476d0755857012b239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord593
ord595
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord537
ord644
ord570
ord685
ord100
ord616
ord581

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ