9699eee29dda57e6083b100edfa66fe7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9699eee29dda57e6083b100edfa66fe7_JaffaCakes118
Size

32KB
MD5

9699eee29dda57e6083b100edfa66fe7
SHA1

ed594c221d903e2385a88e566baa2b3be9a7d832
SHA256

03f24908023e0dd5ca8dad121a459550b1801712051bcd6654dd5b871abcee3e
SHA512

ec3b8294a2148dac10d6267bd58ea4f16e67e05fdbfe560fd5e99d9af94de4ea354cbae68f25b81b1c89656306aa7e3608401d408f43b81b20a0b004df5e0336
SSDEEP

384:TfRXdPTaX5xq+iMybaKCd4Lfxw7LNKv7ufNMEq42Z+9Y:NpbOfMu2E52Z+9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9699eee29dda57e6083b100edfa66fe7_JaffaCakes118

Files

9699eee29dda57e6083b100edfa66fe7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5db095dfc1721d74b230d08dedaa4667

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord558
ord666
ord595
ord598
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord563
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord606
ord607
ord716
ProcCallEngine
ord537
ord645
ord578
ord100
ord579
ord616

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ