afb06996b1542a69177d4ccf5898b3a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afb06996b1542a69177d4ccf5898b3a5_JaffaCakes118
Size

20KB
MD5

afb06996b1542a69177d4ccf5898b3a5
SHA1

d2222046f2569a2fdcd955842c81f23fbfe41e8b
SHA256

448f770e2858a4a7b93cfd7e3bb1b6cae6b7c7a09167e4eb42292c9b5b81226c
SHA512

7bf8a72382d62102d96f3ea89f4b3db944053bc9b533388bc6cba94821bf54d8d452ec03ef27b20ca25ecd0aaa444c002be9311e1e37e78e01f5d33e75ecb5db
SSDEEP

384:lnQwGWTIJzoGs/HvqVkMzN0B7TaP+ONn:JcWEJ0/PqVkMzN0B7TaP+ON

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afb06996b1542a69177d4ccf5898b3a5_JaffaCakes118

Files

afb06996b1542a69177d4ccf5898b3a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a759ed0d2f310088ca51e3f3d72ebbfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord620
ord516
ord662
ord593
ord300
ord594
ord306
ord631
ord632
ord525
EVENT_SINK_AddRef
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ProcCallEngine
ord537
ord570
ord648
ord572
ord100
ord616
ord542
ord545
ord546

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ