d3e6ecd57dd24eedca1b0d0ac5d0752e_JaffaCakes118 | Triage

Sharing

General

Target

d3e6ecd57dd24eedca1b0d0ac5d0752e_JaffaCakes118
Size

72KB
MD5

d3e6ecd57dd24eedca1b0d0ac5d0752e
SHA1

8257ba82f0c8253b2ac10f7ed2db9fcc2452e457
SHA256

b542b3a21b44223b976fdb8fe01d3d2f0abe68cb77f67b983812a536e3c3a23a
SHA512

59e10c18a134faeaead06e6fb07dbb4c674a0474fd18e4c0d4ae863bbc46ea8d272e2cce19c35132a62d671ca6cb2b69701fa01333c21b347058a8706cac1421
SSDEEP

768:bQfKGOrVOJ4AjkM6bsZ4g8GNMEPt+Jie/pigOKhhEWujqga87VYv9R9:bQCGEwPjqilaElKi5gOKhh+qga8Ov9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3e6ecd57dd24eedca1b0d0ac5d0752e_JaffaCakes118

Files

d3e6ecd57dd24eedca1b0d0ac5d0752e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76d168ad3c703357cdb2d6ebe75238ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord695
ord696
MethCallEngine
ord516
ord519
ord626
ord666
ord667
ord595
ord598
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
ord670
ord568
ord569
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord712
ord606
ord714
ord608
ord716
ord531
ord532
ProcCallEngine
ord537
ord644
ord570
ord648
ord681
ord577
ord578
ord685
ord100
ord689
ord616
ord617
ord619
ord546
ord580
ord581

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ