df79005398509272c03a3a3821c5f211_JaffaCakes118 | Triage

Sharing

General

Target

df79005398509272c03a3a3821c5f211_JaffaCakes118
Size

36KB
MD5

df79005398509272c03a3a3821c5f211
SHA1

8f2e29fe3612bdbb541e2e2a5b406b6f9f23e4a0
SHA256

b4d5a28bf092be72633c49040b4c3b0e21a72fb437d6da5744870adbf6deb361
SHA512

9be5dd663c39fa68f7070accb4969c421b82b9fa56e937d97b22c9cc5e1ecc12e46abf0e0a4ebfbc0576b83eaef9be01dc9c5afe6d145a9d5f2fd52d962974b3
SSDEEP

768:CcEvPm0SJUmmxFFrRdz60nlloFKrYutIvYtK7x67MSTn:DEy9r8K16AMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df79005398509272c03a3a3821c5f211_JaffaCakes118

Files

df79005398509272c03a3a3821c5f211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0535613385aa4eb57c05ef8b046bd86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord593
ord594
ord598
ord631
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord715
ProcCallEngine
ord645
ord571
ord685
ord100
ord616
ord617

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ