dd6af8a2a3b727ad2e4871f1c08479b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd6af8a2a3b727ad2e4871f1c08479b3_JaffaCakes118
Size

464KB
MD5

dd6af8a2a3b727ad2e4871f1c08479b3
SHA1

1e72c276a9faceddfd7839763e00720962e7026e
SHA256

a95339736f761bb45cd26913d19661570ae9a7e0fd27d4a66328d551f173efc6
SHA512

03c0beb8a697b276baec8dfa85d84856f8f9f146df59664a8dcb02b7728f5379bd6f0f54f0f5f132858fb14cd4ae26215a15ec6648dd56013205bf93d2efbe96
SSDEEP

12288:cesrEsMcESvuNiLG64/GBaYZAqTrv+M05Y4Pp9DFxAg+mVsnt07xiSG4aw:ceoTrvE+4PpFkpCtGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd6af8a2a3b727ad2e4871f1c08479b3_JaffaCakes118

Files

dd6af8a2a3b727ad2e4871f1c08479b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

341de39bb378471387526ee1ad38e736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord518
ord666
ord595
ord598
ord709
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord717
ProcCallEngine
ord644
ord537
ord645
ord681
ord576
ord685
ord578
ord100
ord616

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 172KB - Virtual size: 4KB