be1975cb9cafcc7c20103cf20a9b5a99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be1975cb9cafcc7c20103cf20a9b5a99_JaffaCakes118
Size

172KB
MD5

be1975cb9cafcc7c20103cf20a9b5a99
SHA1

2cb4a07a939a7723afcf02b64a8d60345b84358a
SHA256

1572976bc24b6f6e6542319069c8b5b19e4ca67a6c0ac081a40fb814bf1b47af
SHA512

f674f5c9ed6c6fc5568260653b254e1a5bf125f03537ee1f8646fc8e98ef75705e7177689a1c510476c572932cc9130e64c80f9370d7926993ff2755736a6c69
SSDEEP

1536:e2XQaQtpQWo2c7AN0lCh4Xj6QBFbAmnEcAqQygxGFcxgu5PSOUDbRSEwc+TjDGyv:/QpCANZ4T6Wb5EkVXuSHSEwckjSC/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be1975cb9cafcc7c20103cf20a9b5a99_JaffaCakes118

Files

be1975cb9cafcc7c20103cf20a9b5a99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e98caaf0725ea57073fe9d0e37f8b43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord595
ord598
ord520
ord631
ord632
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord572
ord573
ord681
ord100
ord617
ord619
ord581

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ