de1937032cbe9cda3d01815ab811075b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de1937032cbe9cda3d01815ab811075b_JaffaCakes118
Size

24KB
MD5

de1937032cbe9cda3d01815ab811075b
SHA1

a5cec6400b0efdc71a138298f30e2a6adde1376d
SHA256

0290820bdcf3b5e615fba6f63b90d64c23d62f31afd52fb3ee753ec19d7e8e74
SHA512

4bc954751ca032a40835735b978b1ac78424eba938f25f40742b06711214953601021e5f1d48e48afa51a686fb262337f13984a57d3c022a59ef40ffd3299e98
SSDEEP

192:Aj8qMWf5L0AG0s5paBzp/yon+8+TXllWaJdF4r5ZWEM:Y8X+gABphn+BXBJdF4XWEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de1937032cbe9cda3d01815ab811075b_JaffaCakes118

Files

de1937032cbe9cda3d01815ab811075b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f21542efc22a76d3dc80f89f17b24fb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord717
ProcCallEngine
ord644
ord573
ord685
ord100
ord616
ord617

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ