c068ad84d0e7cf5b77c57eb952768edf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c068ad84d0e7cf5b77c57eb952768edf_JaffaCakes118
Size

240KB
MD5

c068ad84d0e7cf5b77c57eb952768edf
SHA1

ca27ffccd66c0ff17a2895fb18253acf1e4c25e0
SHA256

b659f24e432955090f7f5eb53ee9befc7173cea87311ec1f5b009fed3078a1f5
SHA512

4db8b47c1764d2ab1ecc6ba20ab703beba24bb071c3e4fb053b72dabe62ea8d101bfeaf6cd7aa2e060ec051857885ab478c4317aeaf9df943e4e27e998d3003b
SSDEEP

3072:/oWFTTRTynskdAZz6D3rvL3qMBcmcrWpYIeciGq+paIStdAZz6D3rvL3qM:9GbH3qZ8Hzppa/bH3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c068ad84d0e7cf5b77c57eb952768edf_JaffaCakes118

Files

c068ad84d0e7cf5b77c57eb952768edf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e55912dd339867017d9f9fa7b7292a67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord628
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ