ad3ecf52e68a2185b53304bb858bb609_JaffaCakes118 | Triage

Sharing

General

Target

ad3ecf52e68a2185b53304bb858bb609_JaffaCakes118
Size

596KB
MD5

ad3ecf52e68a2185b53304bb858bb609
SHA1

6d56e98364b99987d296cf90ab2ab0ce1448bbef
SHA256

3d18aadb4d297bd0173fb050a1907c3a1f6ea93142264fab50790454474afa34
SHA512

33f7278f6b50212d05e235dd0803c6c54d322f11298d32c1d5e5a96e76deeed80d38eeef4b098d911643c38ead28ca806a55d4a9428450dedaa0407a3aed10c8
SSDEEP

3072:YfluM7g422i4SzgHkdXEgw8bPba3xv68ERMHtbirXDtAvd46XFTmK11NfN:Yfki11h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad3ecf52e68a2185b53304bb858bb609_JaffaCakes118

Files

ad3ecf52e68a2185b53304bb858bb609_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7f709a01eceb8aa5ddf7c5771e65fb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

.text
Size: 588KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ