9666c41a11953a7a195b5a6bc5804b48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9666c41a11953a7a195b5a6bc5804b48_JaffaCakes118
Size

498KB
MD5

9666c41a11953a7a195b5a6bc5804b48
SHA1

8601c69e41d10b14a1a04dbc79b927bcd9ddb906
SHA256

c2106465cf7413c077f4e7395d9ba9e6dd1959d14496340948315d58cf3def2e
SHA512

52b14a7c60c938f42d8200426f33028ccbee3625392a3a74f31fa404deba02bac90564912bbf0e3dc7dd1a45ec7f9d1a51a37d82efd1b1721d48b3f9c2506727
SSDEEP

12288:0TNhbinwn3H+NlT5e9OrW7vdtdJxjJC3raB:IbiO42OizRJC3raB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9666c41a11953a7a195b5a6bc5804b48_JaffaCakes118

Files

9666c41a11953a7a195b5a6bc5804b48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

290eb974ab667a6c7e8a85c86ccb6c12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvbvm60

__vbaStrI2

oleaut32

VariantChangeTypeEx

Sections

Size: 407KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE