afc236a5988e8340a6e61b90a8b4b308_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afc236a5988e8340a6e61b90a8b4b308_JaffaCakes118
Size

855KB
MD5

afc236a5988e8340a6e61b90a8b4b308
SHA1

0d16a53c0f7a64e078d5948b039f20cd6ad13f8a
SHA256

b35bbdf8ba80d41da0c86c1fbc68b1720f47f34b5c7bfc791e24601125131246
SHA512

d1a2049d14516fa83a3b65464a3c336b4b7978f8f321b33c1c508485ed060ea31309139d4e888ca6cd60a35922ede5f4f3f52b2b64d4f7531276c3d3945ce104
SSDEEP

12288:EW0lp+7uvT9dL0F8axsy9DQ6BrmvcAUScgg4wAiFyPMyZqxwv:RaH9d4DH9DQ6BQZzcggHA4yPMyZqxwv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afc236a5988e8340a6e61b90a8b4b308_JaffaCakes118

Files

afc236a5988e8340a6e61b90a8b4b308_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed9b47848be1a98aa3d0ebf10ac95553

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

MethCallEngine
ord516
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord573
ord681
ord578
ord100
ord619
ord581

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ