cf4557e31d30db094044cc0c7d8b7516_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf4557e31d30db094044cc0c7d8b7516_JaffaCakes118
Size

41KB
MD5

cf4557e31d30db094044cc0c7d8b7516
SHA1

32749dc1159cac1cd19f765f786efa5b57430a52
SHA256

8a1c62fcbb28f6d57fc1d8e925fd16d2580eb0982fe0b0d7ddbf1e63b5b54c63
SHA512

51b17655c5b32510b29ceb4a790fb9c4136a4782a0c486b7140f840395584b2dfab688166b5a050569f67a0c3b05c2de5e04c1edd4b0a8dd25c4a710782ab270
SSDEEP

384:ySb+E8152KpuJs7XzY+vUmkPysJPv8y5XkzOiVNgDWu+mnIiK:ySb381JNvUmkPys8yKaiQD5Id

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4557e31d30db094044cc0c7d8b7516_JaffaCakes118

Files

cf4557e31d30db094044cc0c7d8b7516_JaffaCakes118
.exe windows:4 windows x86 arch:x86

455e3c87c5118c04ced3f6d538c9c2e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord537
ord573
ord578
ord100
ord619
ord581

Sections

.TnnT
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D3TA
Size: - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.R2Rv
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ