b39d11fe9c3ccee6a1800267401cdab7_JaffaCakes118 | Triage

Sharing

General

Target

b39d11fe9c3ccee6a1800267401cdab7_JaffaCakes118
Size

295KB
MD5

b39d11fe9c3ccee6a1800267401cdab7
SHA1

23d5442dfc4678f4ac9401f03b6cf4a174aff9fa
SHA256

29b8a52831996a2daae7f16175f82bc3e30df0bc49fc40af1592e538d1c8a34d
SHA512

9d2b66e1bab7b012b98bbe301a7c1e65a6b67b7a0dc61fa96eb21bede431ec93567fac52d28ae1a2c90210116acf0b1f782288c291b5af6f3885693ca4d8ffa5
SSDEEP

6144:9jmqYIojT5pSHN+TijRV9IX8Tq5lh1SIaHH/9MxoowAwFePh5W:RpoHStgqoMT2PaHf9MOowAwkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b39d11fe9c3ccee6a1800267401cdab7_JaffaCakes118

Files

b39d11fe9c3ccee6a1800267401cdab7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48ff1108924feb18f986ee7185a6f05d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

__vbaStrI2

Sections

pec1
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 281KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE