dc13c6af81b8585269ccfb43d5055623_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc13c6af81b8585269ccfb43d5055623_JaffaCakes118
Size

516KB
MD5

dc13c6af81b8585269ccfb43d5055623
SHA1

71dafc850b6fa5d3a24766930e9887cd6a0b9028
SHA256

38f084285d8687faf9fed3e2cf1934c76e48c567d3e13e730cd18ee2ae1dc59d
SHA512

49af4b483e706a3e204c1bc614213e020b16ae17c053ee7df3cebdf7923e607f5437c85a654a0c7e3977030987acb733fed16114c9dafbaebd089d51f8a0a3b4
SSDEEP

768:w5ovQFCQI8fKP8K5oRfeqanuaUn/NBsWdiAV0VNe6e5WgKeq:w5X881KWfeqaRzpNVNIWgKeq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc13c6af81b8585269ccfb43d5055623_JaffaCakes118

Files

dc13c6af81b8585269ccfb43d5055623_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93c6026268c7ab8e6a380078704fcb25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord716
ProcCallEngine
ord645
ord576
ord577
ord578
ord100
ord579
ord612
ord616
ord617
ord619
ord544
ord580

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ