abaca7a060ed0e01266f0d8b605d5d32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abaca7a060ed0e01266f0d8b605d5d32_JaffaCakes118
Size

762KB
MD5

abaca7a060ed0e01266f0d8b605d5d32
SHA1

ed9428fc824c0a2af7cf0b030d38c2cbcbc20ee6
SHA256

263d16530c4f6f1e712357737bfb0a61bf66655e28bacdd4acb0f268a6b68d28
SHA512

c3dfb8aa585aa0726de2a64f8db22a5e44c2f816d7450a4f82874d31099e55fc9396219b6c3da9cf500848fda39835db23d01008c75fc29f9f56b39053c3d085
SSDEEP

12288:UqErlaT+0XQDeiwbAnb6n2oQZOlKy0locwHFyHSg+B23L/EfqvupuK/mHyckTW6:UqER0XQqJbAVoQ2Ky8we/3L/wGupubH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abaca7a060ed0e01266f0d8b605d5d32_JaffaCakes118

Files

abaca7a060ed0e01266f0d8b605d5d32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1966b0756465dbe9829e1efca51bba7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord621
ord516
ord595
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ