a09d929d358798dcb17d73fe7d599d10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a09d929d358798dcb17d73fe7d599d10_JaffaCakes118
Size

1.0MB
MD5

a09d929d358798dcb17d73fe7d599d10
SHA1

bed7d697d905ef720202f51a57f4db313d320f3d
SHA256

d373858f64a43aa830b8086c08f5b13c45ec49b2b4c23b514d4bbad313295b0e
SHA512

6e546b01e3a15854145724e0912f7258aff14f63b36c79129e003e8469151a959e5e420cef4702373352d83cb59e2afc68ece9ced9fa35a00ea51f33da8115ef
SSDEEP

6144:4hPBarKpePlwB4vYkoBWcxcy8sVRnQMUyO399+J+2lgm62WNZZ1KPO6d32N:sPwruqstcy8oRQlvNEJZlZyNZZcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a09d929d358798dcb17d73fe7d599d10_JaffaCakes118

Files

a09d929d358798dcb17d73fe7d599d10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

375c7402f8748b0ff0440c4212cdf8d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaVarSub

Sections

pec1
Size: 22KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE