bc9c5900f203c4b14a2435dccab277e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc9c5900f203c4b14a2435dccab277e6_JaffaCakes118
Size

68KB
MD5

bc9c5900f203c4b14a2435dccab277e6
SHA1

9a68277349ee3c7df467d95f51e34b449c8747ec
SHA256

1e4ccd94eaab74f4db8b81bf50cc2ed7d3880e56c728fd7283502e86b1aad730
SHA512

cccd56eb1a80c2970c9a7b20dec9e715c3d0431483bf218ede84df2bbeeff5591d58ef5bfb5e1af77e67f36074cc9897b61332f5ff5c2e2fea10cf0c8ca5a1b8
SSDEEP

1536:aDfr4KvsBu/2RJYX7EyvvNLx2v7Dky05sD:ScRJYXOD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc9c5900f203c4b14a2435dccab277e6_JaffaCakes118

Files

bc9c5900f203c4b14a2435dccab277e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a332ec6ebb24e97ed8c0d0294bc3c9a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord583
MethCallEngine
ord516
ord666
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord608
ord717
ProcCallEngine
ord537
ord644
ord573
ord575
ord100
ord617
ord619
ord581

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ