ce93e8d0d7bcd6bd6275d04d5741d1b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce93e8d0d7bcd6bd6275d04d5741d1b8_JaffaCakes118
Size

108KB
MD5

ce93e8d0d7bcd6bd6275d04d5741d1b8
SHA1

3e92c6feaf8058f8616a47ca47db14c073021f84
SHA256

75d88142223054ed2cebe6ade54aeb69d0f8d271021c1969cbd59915196251a9
SHA512

464c0ad4048dcc7d78109f5cf3a669b19e756c8aafa7b7f4281a31110e2178e5bd5db0022b114e9a8472e8017db94d402cba512689d546b13aff7278cd5aadc9
SSDEEP

1536:0hAaJcZ6kSKECfuHoYIX3Olu+capTurrOkHBJk1dUo0:iA7EkEC81IXeQzaNuRM2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce93e8d0d7bcd6bd6275d04d5741d1b8_JaffaCakes118

Files

ce93e8d0d7bcd6bd6275d04d5741d1b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b31d4b8b60083be0f3cd9237bcbd690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord557
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord531
ProcCallEngine
ord100
ord612
ord541
ord542

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ