c926a3e05fc5480c28eafa6cd4362772_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c926a3e05fc5480c28eafa6cd4362772_JaffaCakes118
Size

447KB
MD5

c926a3e05fc5480c28eafa6cd4362772
SHA1

067e611fa6ebdf2b6d13061eb26d5cb2995d02f0
SHA256

b58d48998f30c02925412566e283c3a504f21d8f547947bed8420903ab495d0a
SHA512

7905956c5c74c2f038a446959e82f2f8b89d84c30089a9541cd3652c590281ad7685cc28b74e37993d002648f133567cdc18b661885285ff138db7c2a26f5258
SSDEEP

6144:cLF/G6hMvN0dF+2jGveHQ8hk+JTpqmMbEN4ipWEBLZ:c0AFlju8hk+LqUsS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c926a3e05fc5480c28eafa6cd4362772_JaffaCakes118

Files

c926a3e05fc5480c28eafa6cd4362772_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed78f36623388540204342150ae9e29a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord537
ord644
ord572
ord100

Sections

.text
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ