afcd1bcf3f8e620d3403846f0b162bd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afcd1bcf3f8e620d3403846f0b162bd7_JaffaCakes118
Size

148KB
MD5

afcd1bcf3f8e620d3403846f0b162bd7
SHA1

2ec964b4d662b7b426479180a935d5260256fbfb
SHA256

2bdb016648b383b488c0687ec1adee68b544a9092c412ebf0722a15fb34b231f
SHA512

3b266d8b6ef7b28b99fa9a5f3a8c6f320e4cf0d96f8717542c85e311f42708f4ff19213e06d9fc9a37fc58161e1430d7bd146f7df084cf1a7fba769637685bca
SSDEEP

3072:FDCo+79UR/pYbcI5Z9Tp1C/fyOLmHmMg8pZPhU2:NW95bcIpsfyCar5ZPhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afcd1bcf3f8e620d3403846f0b162bd7_JaffaCakes118

Files

afcd1bcf3f8e620d3403846f0b162bd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1701715f8a237c267cd6a87f46e7ff4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

msvbvm60

MethCallEngine
ord516
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
Zombie_AddRef
ord100

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ