a4d395ebae14f74d18192dda81486d4c_JaffaCakes118 | Triage

Sharing

General

Target

a4d395ebae14f74d18192dda81486d4c_JaffaCakes118
Size

20KB
MD5

a4d395ebae14f74d18192dda81486d4c
SHA1

e6341ab7f872f3f7ea209dff7522c83227f7db47
SHA256

b3e653a1323aeba5fd64e2639612f1ed6b98dd101a0c6f851720d650bf674a80
SHA512

9ae873c24e701a85fe56ea9b5cb68762e1a67a1fe9f7a75e71e6a8f39f03d33343f9cabb891a1c95ed046db017a947dfa4671cb3c5aa302c1976c0b38a1d0a23
SSDEEP

192:h7hdv+xodTvn4Pa0C8iZfrZUQour+y8vQico7KwzqT:Nvc8vnCa0XiZVxxr/YCwzqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4d395ebae14f74d18192dda81486d4c_JaffaCakes118

Files

a4d395ebae14f74d18192dda81486d4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a2c47f71eee4ea170990c98f6adf0e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord631
ord709
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord717
ProcCallEngine
ord537
ord644
ord100
ord689
ord610
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ