d5b3296d1e9357b602b530d6413417e0_JaffaCakes118 | Triage

Sharing

General

Target

d5b3296d1e9357b602b530d6413417e0_JaffaCakes118
Size

65KB
MD5

d5b3296d1e9357b602b530d6413417e0
SHA1

b0b8e2e840a0cb4d75d191f56e1a683ee22fd575
SHA256

7a4555d9b4ccb6c420c199dd3e1216aa7035cb5cb137ce81368378e1b3cb7122
SHA512

fd77c3f1a22ed8e7552b18c04a184e84d9b98c0a3b5249a61eee03bb60c1fa6dc2be1e23040a71d77913408646f68f53cc3e460a1285748ffcf39ee867b9b1f3
SSDEEP

768:HiUhteBjoYX0C2JCgPDLoGt3j0uEr1/ut8YHg:VCigICAYGtj3Er12K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b3296d1e9357b602b530d6413417e0_JaffaCakes118

Files

d5b3296d1e9357b602b530d6413417e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6273a5561d9416acb5173154752829a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord670
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord716
ord717
ProcCallEngine
ord644
ord570
ord648
ord100
ord656

Sections

Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc_
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ