aa6888cbef1bfed13ccd47dc0f6e4530_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa6888cbef1bfed13ccd47dc0f6e4530_JaffaCakes118
Size

19KB
MD5

aa6888cbef1bfed13ccd47dc0f6e4530
SHA1

67b85ba0fd6e5188f847b6b456f98eedab1b1490
SHA256

97a81ceccbe2d54da1abd10152dceb5e0fc5b4acbd29cb8cdd04e664e02001d9
SHA512

b9865cfe13f72785b0b1c9f74a0f2ac147faae13bcaa707e2151be74763a6c0d0aa5d0418d9cb8ade17a380f5b7b14fb0fafd9c7def4b0f5d4af2dc5f8f0b8bd
SSDEEP

384:0zZ2ogkHuIfT+fIQ+5HTaZ2ooAa+nEWSDzriXQlD4UouS6WvWfmC:2Z/9OIfSh+5pe5nEWSDzrK84z3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa6888cbef1bfed13ccd47dc0f6e4530_JaffaCakes118

Files

aa6888cbef1bfed13ccd47dc0f6e4530_JaffaCakes118
.exe windows:4 windows x86 arch:x86

375c7402f8748b0ff0440c4212cdf8d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaVarSub

Sections

pec1
Size: 13KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE