a532b23e462f9fe1ee8401fd45660747_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a532b23e462f9fe1ee8401fd45660747_JaffaCakes118
Size

48KB
MD5

a532b23e462f9fe1ee8401fd45660747
SHA1

aba8fc06349327fb9461735c11218384ae4ea6d6
SHA256

e36802027bf9e9e1e94186bc90394d5f663d43aea37c640626f0ffc065b54fca
SHA512

81984421a4b7d385ec88bc4029ab7b7aff8c9361e7c0c609c24793a4bdbd19a91e54bea323d637b2011eb09f97524da5a4543d1256c34c697bb620676e7397d8
SSDEEP

768:h2XdEOvHLuc2umeWWxB5ukBHld5IPZHp8pXoKOsE4X:cJvHLuc2umeWWxB5ukL8PZHp8pY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a532b23e462f9fe1ee8401fd45660747_JaffaCakes118

Files

a532b23e462f9fe1ee8401fd45660747_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a115e9869829917116ba8091a4758c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord595
ord303
ord598
ord520
ord309
ord632
ord525
ord526
EVENT_SINK_AddRef
ord529
ord561
DllFunctionCall
ord563
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord607
ord608
ord717
ord532
ProcCallEngine
ord536
ord537
ord645
ord576
ord685
ord100
ord579
ord610
ord616
ord617
ord618
ord580
ord581

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ