b4fb2a3e011183266acb588d8535465b_JaffaCakes118 | Triage

Sharing

General

Target

b4fb2a3e011183266acb588d8535465b_JaffaCakes118
Size

1012KB
MD5

b4fb2a3e011183266acb588d8535465b
SHA1

23b854d7b51b26a003e5514bd3a4dfd3f2f7fcf7
SHA256

9dfdd7417dcd0085acaab19cfbd1aecdcaa9cd653a8e29736d4debf5edceb09b
SHA512

15f9b4691cf857d1984cf601c51842d56c9a70f872e5fb164af549478e8ec0156382018284c0b222dd3a825e970539995681d2978eae810d4f837fbc14dbb309
SSDEEP

768:wH8hp3itG3/DJXRlz9xYN4FIM7/K+5+IYhnuwoJu1IzFA6PqnYjuviXJy+enxJTj:t3usXbMN4FhGFhubS8LU+eH1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4fb2a3e011183266acb588d8535465b_JaffaCakes118

Files

b4fb2a3e011183266acb588d8535465b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf7b825a6f9aeaccf440d74d6ff2d4d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
ord300
ord595
ord599
ord306
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 1004KB - Virtual size: 1003KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ