Static task
static1
Behavioral task
behavioral1
Sample
afe008c1feeefb5b58a60b5408e620da_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: afe008c1feeefb5b58a60b5408e620da_JaffaCakes118
Size: 400KB
MD5: afe008c1feeefb5b58a60b5408e620da
SHA1: 65ff2bb0f9d93077781259ace4cf782839e8be75
SHA256: fb21e6f60ef7ec31769714f5feb05e200d843b19ee2d05a70a74a774b9b61825
SHA512: 28e267ccb795c41740744e0faeb62f47f7d43402a8cd252c28611ae935c142980b237ef31983aa635a2613ab0006646b5e739b2425896faf92f3f9fb1874ce88
SSDEEP: 3072:kgeAX0e1FB/DpKjCLHAmDuNBdfVYwFUJzoqxh/BbYYNBdfVYwFUJzoqx1oDT0b2Z:QHVYwFZqRTHVYwFZq6Tqt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource afe008c1feeefb5b58a60b5408e620da_JaffaCakes118
Files
afe008c1feeefb5b58a60b5408e620da_JaffaCakes118.exe windows:4 windows x86 arch:x86
76620cbe5ce210ce23c00ff775771ad5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord628
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sxnlsrv Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jlgugbj Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE