bcc81fc9e5ef05cda173eda9ca482150_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcc81fc9e5ef05cda173eda9ca482150_JaffaCakes118
Size

196KB
MD5

bcc81fc9e5ef05cda173eda9ca482150
SHA1

c771d4d04898a4d773c195cdb5f6a4803bfe5d21
SHA256

31232a9715479157d420f39af71dba356c451bfb2e99ca24a426093e4fc23e68
SHA512

72d845e1773c146ce2809838bd6282fcd73f4da80786b0624f83ba0923276570479e8d4d07f505c9e19bfae3625d0322b0af0f37f6f158588bbacd117a5c4bc1
SSDEEP

3072:re0UMS5zH41mVSxp/AMi86yEXkqSCDXjZfWNU2HUh0cYuWg:a0nYzH41JlL4XklQjZQJUh00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc81fc9e5ef05cda173eda9ca482150_JaffaCakes118

Files

bcc81fc9e5ef05cda173eda9ca482150_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb6f38be18b4aa522d212d68e35dbad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ