d2945c144ae9a85cc0be51831fa7f243_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2945c144ae9a85cc0be51831fa7f243_JaffaCakes118
Size

494KB
MD5

d2945c144ae9a85cc0be51831fa7f243
SHA1

daf3615f6ab1fe5b13589eef668ed07373d06e3d
SHA256

f1775b4e57e5c842a0e531849adf73503d3ef9efe98d7cf392842c8ab9d82e23
SHA512

b4f6735da02263f0fb6583fe0540633dd63a6b298e8784061b4882a1c544a2473f0aaeb3569baeb04e0eb651663633b45471f18376adada3a5619d50b8a00fe2
SSDEEP

3072:oMUOy+jMUOy+R8s5gyOUCoTi7R1je+P/x8rhv/untosajlXf4TZBIiTM0uGfpwfm:oZOyGZOyjsmyRkR8+BavSy+xIikZOyA

Score

1^/10

Malware Config

Signatures

Files

d2945c144ae9a85cc0be51831fa7f243_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b086c962f860a072d75e11ca6e4067c1

Code Sign

01
Certificate

Issuer

CN=Crank programs,O=Crank software,C=FR

Not Before

08/03/2019, 16:03

Not After

07/03/2020, 16:03

Subject

CN=Crank programs,O=Crank software,C=FR

ea:d9:10:33:23:a4:cf:64:18:96:02:a6:81:d7:f8:a9:23:22:12:25
Signer

Actual PE Digest

ea:d9:10:33:23:a4:cf:64:18:96:02:a6:81:d7:f8:a9:23:22:12:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord583
MethCallEngine
ord519
ord667
ord631
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord576
ord100

Sections

.text
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ