b68a524ad2a14ba3f87424f821d7f034_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b68a524ad2a14ba3f87424f821d7f034_JaffaCakes118
Size

16KB
MD5

b68a524ad2a14ba3f87424f821d7f034
SHA1

961afc0d75622508ee8c19027eaaed328978a115
SHA256

d06b50c8497224beb351b26844ef8d16a90e1854fdabdf769d2263cec5206e67
SHA512

601d195cc39def9b1f07038d44148ca0de8396961c4620ef57ea41f5635e5b948faac9694f64efc32bb795429e4cad5c50c5f10025c42dfb68e5ec7e4e9b599c
SSDEEP

96:hM1S6nHnxDyKE4tn3/TCwVmkutIX9fbgfSKELGrLGBLP0d8nGVs41KU5ntnTU5np:qAOHxDLPtPT33xXG1KytTyDRNS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b68a524ad2a14ba3f87424f821d7f034_JaffaCakes118

Files

b68a524ad2a14ba3f87424f821d7f034_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b44b266b263db5a83ac3df1d50da418

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord666
ord303
ord309
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord716
ProcCallEngine
ord571
ord576
ord100
ord619
ord580

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ