dc00e6763d5e7241f63b70cd45396f5a_JaffaCakes118 | Triage

Sharing

General

Target

dc00e6763d5e7241f63b70cd45396f5a_JaffaCakes118
Size

416KB
MD5

dc00e6763d5e7241f63b70cd45396f5a
SHA1

b69b692b9d2b5385eabe62ccadcddc5582c5e163
SHA256

20b149f356480fefeaf8198610b94b5323e73343810ff0246c06c89e75457611
SHA512

bf8409646d89c32fbbdcfdccabd8405350e6578f66cfe8e73a318c928c3723bbe3a1b779b738a0c5ff123f376fe05bf3c3bf9f1b1e55f4dd2542ac055455b5c3
SSDEEP

3072:2QGSk7CyMJMsK4TvFHNeBWIxbvlp6EPd+dkbDTp0gUHWJdMborPteTObSX:Ss9HNeBBNlpZPIoD1MHuMborPt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc00e6763d5e7241f63b70cd45396f5a_JaffaCakes118

Files

dc00e6763d5e7241f63b70cd45396f5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

200973fdddc320c64a7fa337c8b0aa6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
Zombie_AddRef
ord100
ord616

Sections

.text
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ