b021892772f5dd3a38d96663a8c119d6_JaffaCakes118 | Triage

Sharing

General

Target

b021892772f5dd3a38d96663a8c119d6_JaffaCakes118
Size

100KB
MD5

b021892772f5dd3a38d96663a8c119d6
SHA1

062eda4fb282a08dcb3eb7b747ba513841b9fc7f
SHA256

db4e4e193323e012d36485ab0259a5a17b540f1f813502c4605c3b6119ba8f3f
SHA512

b6f91a9861367decfbea3a8d63bf5a25167fd2309d2576762f464e52f1be9e91becbe6281f0a6d9f9f51c45ce36774a3d6d5d52345e64c314a061b4b9447a726
SSDEEP

1536:4qyeYzw2HkISX2ynnIPL4Kd2K7GW5ypekx3OWaN64:4qyeYzw2HRSXNIPkq2K7j5lWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b021892772f5dd3a38d96663a8c119d6_JaffaCakes118

Files

b021892772f5dd3a38d96663a8c119d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c929b3ea5924026453610b85f7013772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord593
ord598
ord631
ord525
ord632
DllFunctionCall
ord601
__vbaExceptHandler
ord713
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord570
ord681
ord100
ord616

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ