a0b81305372232d16169f25250b720f3_JaffaCakes118 | Triage

Sharing

General

Target

a0b81305372232d16169f25250b720f3_JaffaCakes118
Size

200KB
MD5

a0b81305372232d16169f25250b720f3
SHA1

569856ce5c8b81c801e93c5805d686f9e7fbb8ec
SHA256

ddff900825c036ee7be02058134b52ef072d2fd28be60f4304bf48061d4be35e
SHA512

21bab0efd9bea50e60afa71e0dafa95f9bcb10c09d91581a632de27835d82df854a9f107c5b6a9953a08d6e8dfc3abf3cf153dddc59fbde2b7822100c158b6f0
SSDEEP

3072:73OeY2P6y0ikytuwVc8MQ0+pPPvSaKxINJhTnAsa1YtiqBqQKMi+9JV:SBiDuwVcUp61Ls7iVQKMi+9J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0b81305372232d16169f25250b720f3_JaffaCakes118

Files

a0b81305372232d16169f25250b720f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c11add5eb942fd35acb2116a473a36a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
GetWindowLongA
UnhookWindowsHookEx
SetWindowLongA
CallWindowProcA

kernel32

GetProcAddress
RtlMoveMemory
GlobalFree
GetModuleHandleA
GetVersionExA
GlobalAlloc

msvbvm60

EVENT_SINK_GetIDsOfNames
ord694
MethCallEngine
EVENT_SINK_Invoke
ord516
ord519
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord598
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord607
ord608
ord716
ord319
ProcCallEngine
ord535
ord537
ord644
ord573
EVENT_SINK2_AddRef
ord681
ord100
ord579
ord610
ord320
ord612
ord321
ord616
ord617
ord618
ord546
ord580
ord581

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

resource
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE