Static task
static1
Behavioral task
behavioral1
Sample
a5ec9e0ce7d0373f7165f233118b7442_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target
a5ec9e0ce7d0373f7165f233118b7442_JaffaCakes118
Size
96KB
MD5
a5ec9e0ce7d0373f7165f233118b7442
SHA1
44abb973dfa946e4cf895e4775ebf09c4f02e98d
SHA256
0f289eacd0d0048a1246b09446d2b4ff7f80823f29af8fbae026acc189ecf48c
SHA512
1aeba74957000cb6d3a121a1afb6113b084200ee3c7b4292416d82fcaded499b171629465b5070fde608c44f64f745b813022ef879f212d922cc628aeaa21d8e
SSDEEP
1536:Ggh/Qk5xkuRBTxnW069gE9nKzFre0FT98nPhSf2P+NpB2eXhYgcjW8F:Th/Qk5xkuRBTQ0UhRMX+g6W8F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5ec9e0ce7d0373f7165f233118b7442_JaffaCakes118
Files
a5ec9e0ce7d0373f7165f233118b7442_JaffaCakes118.exe windows:4 windows x86 arch:x86
d081d4781d2cf492e353c6da605e38a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60.dll
EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
Zombie_GetTypeInfo
ord595
ord303
ord309
ord631
ord709
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord608
ord717
ProcCallEngine
ord537
ord644
ord645
ord648
ord570
ord572
ord573
ord578
ord100
ord616
ord617
ord650
ord581
Sections
.text Size: 56KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ