a37fc34c0b28f112c63db5003a9dbe9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a37fc34c0b28f112c63db5003a9dbe9f_JaffaCakes118
Size

40KB
MD5

a37fc34c0b28f112c63db5003a9dbe9f
SHA1

268fba875d7d702be0c02fd33ba7f969d2b63d66
SHA256

73c35f8b714356dac9f6d539614fefe63ae31aa00a29262c36d42b08e6d93443
SHA512

7d7807f33ccadc79d33c13bd8dfacab217e9c11a10c6e934b55b08609aba35b0cabe2ed0618ea46a90a1ee360bfd136f4a07046c476fa7bf06abfb1b2f6d9be3
SSDEEP

768:ficEdROcfJWkdeCJsoJPmolNYhEwkhqWOWSRZnFKn:YdRxJWdokolNnqWOhSn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a37fc34c0b28f112c63db5003a9dbe9f_JaffaCakes118

Files

a37fc34c0b28f112c63db5003a9dbe9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf16aba5b3d01cb9a9266cdb64c6eca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord595
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord537
ord100
ord617

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ