a8cdc03315dc6271a18d5f65af6da3de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8cdc03315dc6271a18d5f65af6da3de_JaffaCakes118
Size

24KB
MD5

a8cdc03315dc6271a18d5f65af6da3de
SHA1

b09230f173b062566264d0e3aeb67084d5c95b18
SHA256

ad6646103305e0f8f2d8510a941e026225efdce4fb1751aef86f10ce7800955a
SHA512

560a5f5f1658b77b3b421b2474a7fc3fdf305075e0e70fe3a685a177dd80be33f27451874bfebe9e5dd4e9c09eb7a484cc6772b19f966686710586e186eb5c3a
SSDEEP

384:04Jfs0EMqoCFqgNQSXnGQB6e+4TMYnsOMw:04MMrL2MYsO1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8cdc03315dc6271a18d5f65af6da3de_JaffaCakes118

Files

a8cdc03315dc6271a18d5f65af6da3de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3533f27af61859bbd885b580a2cf6bd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord593
ord594
ord598
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord648
ord570
ord571
ord573
ord681
ord685
ord578
ord100
ord616
ord581

Sections

.TEXT
Size: 80KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ