bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118 | Triage

Sharing

General

Target

bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118
Size

47KB
MD5

bd136950eb3aa888ffd02e5d32ce6af1
SHA1

c1b3176038e37f370c5fa12c15144939fe3eb3b6
SHA256

fa159c13a78855dec40a5d02641825a9216e07f940e58481f518e4354e652820
SHA512

0f9f122a33961b7a163bcd67edeed368a4468657c9ae984135097a9ff2c096d9325f46af89bf21efda8c83d8cc90c4966fc1be2c64bdaab8289ae05d1bf25738
SSDEEP

768:i+ou3nE7rrFi7q7gv0FYc6SPmc4GBNQfWNQdnihea5hyKv33333f1zA:obSxSPmbGc+QhaKKv33333f1zA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118

Files

bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec2b91102f084c4cb4eb0311e02fe3a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LoadLibraryA
LockResource
ExitProcess

msvbvm60

MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ