c7ef6159ccd2f35774bd99322b14bb31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ef6159ccd2f35774bd99322b14bb31_JaffaCakes118
Size

64KB
MD5

c7ef6159ccd2f35774bd99322b14bb31
SHA1

2b2ad3cd9e597397fdf0ef72f754e75162b05022
SHA256

5a67bb0cf678d491641c9c763371625c6937bf8c591b47e1f2ed2e806554cefb
SHA512

de1d37d3c72312e57dbbcdc7c5bada8f7fdb4eef4973222b9000b985b37955092e207a0dc7169df681c5ee5b99e233d8d6a0eaf73981fac81280a44698ea3963
SSDEEP

768:x/ZFGkDtLtFhJ1IxtvkAC38kBTCkUp67hpVOTjwX883UHjfL6mOZCe9JI:HQkhhJ1qtMZMaGP8S03M6mOZCe9JI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ef6159ccd2f35774bd99322b14bb31_JaffaCakes118

Files

c7ef6159ccd2f35774bd99322b14bb31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5df5c5121d3048ca3fad4efa0274aee8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord593
ord595
ord522
ord709
ord631
ord632
ord526
EVENT_SINK_AddRef
ord561
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord608
ord717
ProcCallEngine
ord535
ord644
ord537
ord645
ord570
ord648
ord100
ord616
ord617
ord619
ord581

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 4KB

.MR
Size: 4KB - Virtual size: 4KB