acc59f9d482788d885de2c9b7909ab26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acc59f9d482788d885de2c9b7909ab26_JaffaCakes118
Size

328KB
MD5

acc59f9d482788d885de2c9b7909ab26
SHA1

b6f34e799c74db532f3afae5852ab2e813c0d0b1
SHA256

f0fc90e92697edce1eb3b367e24d92efccf831256c703336a773ae9b38a56ba3
SHA512

fba5dc416dddca8baada690d6241940e8bd66caafdb6abfd91cb30c4558d68e158786cc2f566f9fc9635d8db4ef7704296a904aeb890bedda219ae8516ce54c8
SSDEEP

6144:LH9iG/ohXKIiSweoIkMHrLUrVXTDuPzfLDeLd3A+BS38L7lXHDzNQEXt:yXKIxwdItPUrdk7LDiw+IolXjhQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acc59f9d482788d885de2c9b7909ab26_JaffaCakes118

Files

acc59f9d482788d885de2c9b7909ab26_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

922424ff4e6d82e1aa12068913ce37ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord608
ord717
ProcCallEngine
ord644
ord100
BASIC_CLASS_AddRef

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ