bc2b1734374a9af4ca4dbd6ebb40f7a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc2b1734374a9af4ca4dbd6ebb40f7a5_JaffaCakes118
Size

261KB
MD5

bc2b1734374a9af4ca4dbd6ebb40f7a5
SHA1

eef3fdcf6c47060f80054ed1035129a69f0e8b40
SHA256

600c28bc913db2b4fcf7834c939d62ffa493051edafd04e6a08042ca28e8ccfa
SHA512

9c4dabe562aedb7194a56951198a7493053b3bdf98b26ff17f352a23eb99fdcdf7fc776bf438517ef431a0b245174258c1f54aeb4655dbc457334d8bf5a4fb64
SSDEEP

6144:FCgk+Wnw2oPGeS0dfiGZOvUfTVs6Stt0nTP/WGFlc49Ou6K:GVw2oeIdnfTaUD519Xn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NEW TT PAYMENT.exe

Files

bc2b1734374a9af4ca4dbd6ebb40f7a5_JaffaCakes118
.7z
NEW TT PAYMENT.exe
.exe windows:4 windows x86 arch:x86

7dc3535804fcfead0c07dd0faa330066

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord697
MethCallEngine
ord557
ord558
ord598
ord705
EVENT_SINK_AddRef
ord560
ord674
ord568
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord531
ord641
ord537
ord100
ord616

Sections

.text
Size: 608KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ