ac57481517e76962fbe7d41b68cb8a80_JaffaCakes118 | Triage

Sharing

General

Target

ac57481517e76962fbe7d41b68cb8a80_JaffaCakes118
Size

312KB
MD5

ac57481517e76962fbe7d41b68cb8a80
SHA1

751803ef13827dc3fcd52b5c7951bfdb8a13ebc8
SHA256

a901b0038d513d8afb23f768fac26158d3c4364b33b1afae3a5e22d583b7b918
SHA512

6d6f92e1e92f33b06255c3089ca6d30a42456666ec3311046134e0278bd27ff209f0161556531e50e486c6f0603fe51bd73054d537f241646b0d2b4caa9e98ca
SSDEEP

3072:7Od1fOZVUVZ2hxYK7D5zdy3+P+kdMA0xEQEtAwBoJ2hyYK7D6zdy3+P+kdMT4+sb:7k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac57481517e76962fbe7d41b68cb8a80_JaffaCakes118

Files

ac57481517e76962fbe7d41b68cb8a80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3014100170185c2b9a504ac2eb0b6840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord717
ProcCallEngine
ord644
ord537
ord573
ord100
ord619

Sections

BitArts
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE