d0d4612fadfb7c8b52a0dc51853e34e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0d4612fadfb7c8b52a0dc51853e34e4_JaffaCakes118
Size

40KB
MD5

d0d4612fadfb7c8b52a0dc51853e34e4
SHA1

681041ec93b52ee6fde77af659b80e84937e8eac
SHA256

afe8eba57ce94fa4e451e1d63f69e66f8f44f652084dbb681b6c01b71bcaabd2
SHA512

7347a91e4e609b5819c7bb594652e2b993ac52fcd67c0c0f7010c6ba28e2f96dc37f1cbc957625837a2eaf54e119145ea875bc7c9ab2c50c0822442356144c1d
SSDEEP

768:1l1Ntdv5QhZeumgZv069rgF3oPDhXu5k:DpXQjeSsKUF4F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0d4612fadfb7c8b52a0dc51853e34e4_JaffaCakes118

Files

d0d4612fadfb7c8b52a0dc51853e34e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b25ea6852b7c3ca6cfd801be7406bf23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord598
ord709
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord607
ord608
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ