d0713cc76c5590cd0bf0ed9bbdc950d4_JaffaCakes118 | Triage

Sharing

General

Target

d0713cc76c5590cd0bf0ed9bbdc950d4_JaffaCakes118
Size

20KB
MD5

d0713cc76c5590cd0bf0ed9bbdc950d4
SHA1

6cb9a6939a11a5d64d43723200f81f4e5fa1edb4
SHA256

4a8925c8cd87d61bd8e241e6ab0e8d544164d740f9205e18b32562983d5c4473
SHA512

159e8c1bc02602c5f3bf6bdf16f005e469471c707325a10c4d5ee0c965585f94351b469c015e9e47147304d41edfa7d490ff1dee1defa34573b86b52c63fc82a
SSDEEP

192:BgACajULUEVBX2p0qHKYMV+ED+91XW4E:uADjGnBX2p0ia+TVW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0713cc76c5590cd0bf0ed9bbdc950d4_JaffaCakes118

Files

d0713cc76c5590cd0bf0ed9bbdc950d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0bf24b3d610ae272c9dbe8db06a10e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord626
ord667
ord525
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord607
ord570
ord648
ord100
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ