bd98a1985ac3b26c234f895e0d3aef73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd98a1985ac3b26c234f895e0d3aef73_JaffaCakes118
Size

652KB
MD5

bd98a1985ac3b26c234f895e0d3aef73
SHA1

e4d81b693445a52a38c25ef13c2886fb21541fee
SHA256

a7db844fbc2327308e2a59086b9321d921f407ab6c720175a503bfe19e5bce0c
SHA512

f4c9ccbef744a898849edc40d4c60402db7df64db4de6b286e05e132c1258e0fde75bf57bc7f5b52d1c419c9ca51951fc36659fbee1f5758554b16208d3cd9fd
SSDEEP

3072:g1333333333335SkhjnhFAQEqSw5duRZfrg0KiFeRROwzb++S8hjhC6RvV8worXP:ekV2ODKEN2n/M+WJ/04KLA1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd98a1985ac3b26c234f895e0d3aef73_JaffaCakes118

Files

bd98a1985ac3b26c234f895e0d3aef73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea64901e589957384fe1a5bee675d352

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ