d1eb033df5b9fdb1cb3ad3dbeaf9cd2b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1eb033df5b9fdb1cb3ad3dbeaf9cd2b_JaffaCakes118
Size

24KB
MD5

d1eb033df5b9fdb1cb3ad3dbeaf9cd2b
SHA1

6bda6069035b28c8fec7a0798af798cb09d75f15
SHA256

40bd5734fe1eb9eb1e9c59d5c8576b598b2d3dddb2bcfad35c10454fd138b729
SHA512

abc5b4a31e100402a0186e0d2a6e2cacfbc112982cf9672a298722b012a9f0dfd619ac1491df259cda736f0855a8d551239ac239f1d85ce3f0b2d9cc9f5e4bdf
SSDEEP

192:Q4rtcmtS/wYd49sXnuyd4IBsND66uyd4IBL9sX:XX9s3uyA66uyL9s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1eb033df5b9fdb1cb3ad3dbeaf9cd2b_JaffaCakes118

Files

d1eb033df5b9fdb1cb3ad3dbeaf9cd2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7e52e40b3a9e721e2971fddf27e731a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord520
ord631
ord709
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord576
ord100

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ