be6c6483c1a40817d607c701e1f47d4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be6c6483c1a40817d607c701e1f47d4c_JaffaCakes118
Size

28KB
MD5

be6c6483c1a40817d607c701e1f47d4c
SHA1

cfe9ddf3a9d8aa4848b4abc32f9d86a6cff0a2b7
SHA256

ef71d552093f2f612c6532ba54a6c8385043e620ef46a4ed739d5e2dcfa26f56
SHA512

f399a79727449eae7acfc829777357b7134eb19cd80b9b46f324d8de86c40104289248338e8a84a8c332c9f4d3396bb1adb141b4dd93820288e5beade98a680a
SSDEEP

192:B/2+POvvWCm6TfoXvv48UDiiN8Ey0GDTQh0B7VOX7bQ5oKila2CWWHY9utRYgvs3:B/NLh/vXgiQAViwLilxCWWHYYtRGKW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be6c6483c1a40817d607c701e1f47d4c_JaffaCakes118

Files

be6c6483c1a40817d607c701e1f47d4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7825319ea1befbce6eeaa4e8702e10a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
MethCallEngine
ord519
ord595
ord598
ord709
ord631
ord632
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord681
ord100
ord689
ord610
ord617

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ