Static task: static1
Behavioral task: behavioral1
Sample: d01cd520b8b0824fdb924389d4d838af_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d01cd520b8b0824fdb924389d4d838af_JaffaCakes118
Size: 396KB
MD5: d01cd520b8b0824fdb924389d4d838af
SHA1: 610eab3fd5e6e74fb6a631a0756f7a22fd2d981c
SHA256: 9184ea701b0bf27d10297153e10d7a083d93feb5d9c797621c3918fdecc6815a
SHA512: 51355e820fcfbf3dd237b101dd03561912f9276de1c780f08c1901831a6ffe453fae468cd78ac820dcf5dbc9e8720ea6eca16d9c21061ad3bc83093dcc9a909b
SSDEEP: 3072:YTz2ZEnTQBk1D8ONO+wMV5TuInm6fc6Ip0f8u4ZPHSZrb1:YTpTQBk1DlDTuInm6cpQkZ0h
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d01cd520b8b0824fdb924389d4d838af_JaffaCakes118
Files
d01cd520b8b0824fdb924389d4d838af_JaffaCakes118.exe windows:4 windows x86 arch:x86
a19690325ea49d9fcb08eb847ac042e8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord516
ord628
ord665
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord717
ProcCallEngine
ord644
ord537
ord681
ord100
ord581
Sections
.text Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
khbdnsy Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE