Static task: static1
Behavioral task: behavioral1
Sample: d32c89272fef5a6ade8b529db02ebb8e_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: d32c89272fef5a6ade8b529db02ebb8e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d32c89272fef5a6ade8b529db02ebb8e_JaffaCakes118
Size: 404KB
MD5: d32c89272fef5a6ade8b529db02ebb8e
SHA1: a431e26a5a12ec3497ee7cb178eb45399ea2b097
SHA256: e36c58deba2601deda537fa08158f92e30e0ae01dd2258c380d49cda6ef7a652
SHA512: 3d9fb8d426b0d371f75264fe6472faab921681518cf649a4b0500883ce18708e0445e5e78d3e4a07ca938efdfc77893927d9bb89d3a7fcdd064019dff3adce0a
SSDEEP: 6144:wc5GJobRe69T5znZwjsJVU9P2riCJQUJmfRrX:RGa9x6jsJ1XpoR7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d32c89272fef5a6ade8b529db02ebb8e_JaffaCakes118
Files
d32c89272fef5a6ade8b529db02ebb8e_JaffaCakes118.exe windows:4 windows x86 arch:x86
b8635437ea0bb5a5864a5928ec82dde5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord690
ord696
MethCallEngine
ord516
ord628
ord593
ord300
ord594
ord595
ord598
ord599
ord306
ord525
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord713
ProcCallEngine
ord645
ord648
ord571
ord573
ord100
ord689
ord616
ord617
ord650
Sections
.text Size: 396KB - Virtual size: 393KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ