Static task
static1
Behavioral task
behavioral1
Sample
a1978b36a5d2adc0558a54dc1eda452c_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
a1978b36a5d2adc0558a54dc1eda452c_JaffaCakes118
Size
363KB
MD5
a1978b36a5d2adc0558a54dc1eda452c
SHA1
3aa7b79cb50060dee3584a8c345817f5fb3083c2
SHA256
e30a788b2aeb690f9ec6dfa051ab16b14f54402c488d7b0e10f812f0fd646004
SHA512
150454f4554ce3d6b1175892cb47566c49df5b456f6c68b0c276473aefd1d9234cf6299226f4b3a674f2632af8308693c577de1b7456dc12e9c1a088a81e1238
SSDEEP
6144:0ap8/5BBLQLN6pcBLQMtQXS21cXEpZlvTKpYl7HsuEdaB1egbSzr:Lmp2IcpBtQXnjpjvTKpaSdO1ekSH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a1978b36a5d2adc0558a54dc1eda452c_JaffaCakes118
Files
a1978b36a5d2adc0558a54dc1eda452c_JaffaCakes118.exe windows:4 windows x86 arch:x86
39fe739e53519aacda091d24d5f55348
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
MethCallEngine
ord516
ord666
ord593
ord300
ord594
ord595
ord303
ord598
ord599
ord306
ord520
ord309
ord631
ord709
ord525
ord632
ord526
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord713
ord608
ord531
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord570
ord571
ord573
ord681
ord578
ord685
ord100
ord689
ord613
ord616
ord617
ord619
ord650
ord581
Sections
.text Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.udata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE