aa66855629fd9ff5b21d965c918b9dd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa66855629fd9ff5b21d965c918b9dd6_JaffaCakes118
Size

292KB
MD5

aa66855629fd9ff5b21d965c918b9dd6
SHA1

5ea84d7456ea6a5e871beb3077eea04ccbecd0fa
SHA256

d0b3f5d98749b41921a76ca4f4f70b320a0f8408f6df6c22be223f36609a561a
SHA512

0a2063a5bd4710d93fe3d75624931bed2316615845f79a3853bf5375afb1da26cbb4393ee24cac44a771aa6207364288f02ead546ea732f1ce8367f4b73ac31e
SSDEEP

3072:hvKX0e1FB/DpKjCLHAMh8ugZfYoxfbbCZfYM:TZwoxzOZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa66855629fd9ff5b21d965c918b9dd6_JaffaCakes118

Files

aa66855629fd9ff5b21d965c918b9dd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

262889fed7161dc428064854dcf90cf0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ