a5d2c1872e2004dabb5af46daacc5c03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5d2c1872e2004dabb5af46daacc5c03_JaffaCakes118
Size

288KB
MD5

a5d2c1872e2004dabb5af46daacc5c03
SHA1

84f0826e56526fa0e746c9f069fe7f16a7cbf57b
SHA256

4e4378550ea4abed860ec94caeb58cc7bccc2c5df74773f0c7526a1885c3bef8
SHA512

c3f1b9e6fd90e5d4043a3658fe8e70ff3e965a54617788b5da92cdeeb41d2316c6737f0538e8b21a12d8469b1d9644a3b4bb738c1afb543aa0cc7f7599fbc022
SSDEEP

1536:GpaXQtRMgTxH9qvUhOjY1CnMMMZmbQtafER+TIlyX8JWLAdKP0BuD4ViHs5G7wN/:FQt1xm4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5d2c1872e2004dabb5af46daacc5c03_JaffaCakes118

Files

a5d2c1872e2004dabb5af46daacc5c03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae3713ad4cc87cdb64cbacfcb4679e6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
Zombie_GetTypeInfo
ord303
ord309
ord631
EVENT_SINK_AddRef
DllFunctionCall
ord563
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord717
ProcCallEngine
ord644
ord537
ord100
ord581

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ