a65ca8da942d56aeaea6e33262bb2df0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a65ca8da942d56aeaea6e33262bb2df0_JaffaCakes118
Size

220KB
MD5

a65ca8da942d56aeaea6e33262bb2df0
SHA1

17751418da831d568634f8c5a5fe07672bb1ffdd
SHA256

16028f8e7c7c66207ddf62b00645f20722c53d4d12bd94a403ff35af1d7bbb16
SHA512

551e87da73a7ecdd86b10a977966960dacf7f1ebac5bf05c89ae6fc4c47d7c6e4007c9071c2c1f1120d5aa2417edb21d8d541fefa1df263f5a52a15e5c2c0860
SSDEEP

3072:dGNFtPwgwfL4CCwPSO1Cq2D2YtkDugUkN/sfuX98u7sa:dYptwfL4C67DLEugfN/sR1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a65ca8da942d56aeaea6e33262bb2df0_JaffaCakes118

Files

a65ca8da942d56aeaea6e33262bb2df0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cad9d7a1e55dc4edd87135d205fee319

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory

msvbvm60

MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord537
ord644
ord100
ord616
ord581

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE