afa4b3072452b5a02d593105155bb484_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afa4b3072452b5a02d593105155bb484_JaffaCakes118
Size

596KB
MD5

afa4b3072452b5a02d593105155bb484
SHA1

d32cbc647a31a49f537ec66770cecb7eb0ccd2e4
SHA256

ecef61647dc53b9186af18da54a17709ecd24a4ff2eeb2266fb4c626874a0b18
SHA512

c40a5688eff31cb465b84cdcc18c8027cf55d8a3d629a1f711980109b63183e20a6b9d28cb130fb658cb0a29f5fc18047c1407e124330575443d5b8e6547fc64
SSDEEP

3072:23EZh7cpElZ7lKyMeCP5x7Xn8gsV/R6SAscYMp/TSBTkij5b4MvbGeWbIBFyYtle:2QQ16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afa4b3072452b5a02d593105155bb484_JaffaCakes118

Files

afa4b3072452b5a02d593105155bb484_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ce216327d13f46ded8d41108088fa75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord597
ord599
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

.text
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ