94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118
Size

324KB
MD5

94b70f6b9dca7e08ff2a4f4dfce1b697
SHA1

ab344d4f65a61966b54556c4ad0cbe3093b2e9e3
SHA256

d1de3763bf462b0a2ca972adceb0132bce19bd1d2f013f9869ded8feec1b9d62
SHA512

0b833c16a8d769dc772660fd153dc3afa93c19359c16add64fe0a013669aec96e5307d609e12d8d6a5299a8854c8945793027aaf9f55697fedde6461d966fa1b
SSDEEP

6144:deR5yjI0wwCdv1sOiaZgMs2StQco1MjJkZxJYAiciYKD1boS9I:u5h0wzdv//2MnR1MjCxJYGiYWboS9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118

Files

94b70f6b9dca7e08ff2a4f4dfce1b697_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49cf593d3858c6b4b026c208c9b4fcb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord644
ord645
ord570
ord648
ord572
ord685
ord100

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ