a3c37f95b29dacaa8846427e13cad2e8_JaffaCakes118 | Triage

Sharing

General

Target

a3c37f95b29dacaa8846427e13cad2e8_JaffaCakes118
Size

272KB
MD5

a3c37f95b29dacaa8846427e13cad2e8
SHA1

d99681f1093dcceccf294d4dfbf0109077bf2f97
SHA256

f3e3629d1a377f1cc46f6210e5e866a7e27576453607fc485ed35aea2d6b14d1
SHA512

d39cb2570c70288b78b69c89fd3f2613874fab8230bd5aecb966c268b0a6dc9a75b9d890813eaf04a53d3ce73372d02a66d9888dd1fa0f07c6aafe92e4b1ed29
SSDEEP

3072:JIdcFLEdskgrt05bnwhVh6PTPKW4i0qXyOQm79m6OTkbd:SWjZ0xCVh6nikRm6z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3c37f95b29dacaa8846427e13cad2e8_JaffaCakes118

Files

a3c37f95b29dacaa8846427e13cad2e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc39d6bcccc6aed12cc7b3f6f5003c3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord100
ord617
ord581

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pmhjigk
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE