bb51612d1edb35df080028dd1aac589b_JaffaCakes118 | Triage

Sharing

General

Target

bb51612d1edb35df080028dd1aac589b_JaffaCakes118
Size

60KB
MD5

bb51612d1edb35df080028dd1aac589b
SHA1

8f8b36318f7501ddf2677098a654e18716557257
SHA256

99d181e2a001720a2d65ea977993ab525135e652961f7d74e64422f018ba6a17
SHA512

954bf235706157abe469dcf026e2f7d53948e76bee8b3716475904b1f377f19f38f2509f97c0b9649ade71422b8b1bc1837e9076cc1cbd0f89f7270b1ba8226b
SSDEEP

768:+7SpCTLYxhIPBryUmU6tI4UBndTaDyNMRzEQU5e3bw1o+ZuW4Vr:+7ZPGidjCCndTuyNMS3cw1o+ZsVr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb51612d1edb35df080028dd1aac589b_JaffaCakes118

Files

bb51612d1edb35df080028dd1aac589b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9eaa13578ff93c9a33abc464be1a961

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord187
ord696
MethCallEngine
ord517
ord593
ord594
ord520
ord632
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord645
ord570
ord100
ord431
ord617

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ