e01e924fbda7020a5634d382c250a2eb_JaffaCakes118 | Triage

Sharing

General

Target

e01e924fbda7020a5634d382c250a2eb_JaffaCakes118
Size

68KB
MD5

e01e924fbda7020a5634d382c250a2eb
SHA1

c4109406d9194e592994bcb34ba24f2afd1d83b1
SHA256

12b5f929bac635d10a4cecafc3d6759e5fa9d0ab8a265bb5dc244bc53b77b4a7
SHA512

c30fe4a29546c14c4af9c66a420d36ab6d0b7a81f86e39f7d39db3c980bbf87b723e45dcc30005ece59ba20fc4540f073c2b56635631fb3660461a919ceb2241
SSDEEP

768:Kuo5xW6FyL0/U/V8QXOsHzoIT8SE1lr0TtqQKxB2dcOiLjQd5LxRQyYgzfnZET+T:fw/Ua8OsTfE1lgxqfxB2dcTXtgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e01e924fbda7020a5634d382c250a2eb_JaffaCakes118

Files

e01e924fbda7020a5634d382c250a2eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caa4be447627aeb8f505f91fbb9fc8f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord517
ord518
ord553
ord666
ord667
ord593
ord594
ord598
ord520
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord645
ord538
ord539
ord648
ord570
ord572
ord681
ord685
ord100
ord616
ord617
ord619
ord542
ord545
ord546
ord581

Sections

.....
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.....
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.....
Size: 4KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ