e1a2f1b6d92e41a8c8afa9ca72dee52e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1a2f1b6d92e41a8c8afa9ca72dee52e_JaffaCakes118
Size

362KB
MD5

e1a2f1b6d92e41a8c8afa9ca72dee52e
SHA1

fd0f9d3dbf2b3aed68d3b4431322c1a851b7cfa5
SHA256

bf538a7bc129ff7d7fbee58cd0fca3aaa87bc6d848d132f981f601ad5ebff2a1
SHA512

aad65a7e6ff28c4297702b88cb082cbeac49eec5352b8cae8a7c190d4c2954736260ab1d5875f526d1fed75ac8a5973f44b79ec4b127367c94beb71b5deb9940
SSDEEP

6144:kzi0inCncm4QjaEeWb9FFRGYbcAMWRsYwtgG3/z8+CM+ziysn0ir:k+5CnyQj98YbcPYgvz8Nzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1a2f1b6d92e41a8c8afa9ca72dee52e_JaffaCakes118

Files

e1a2f1b6d92e41a8c8afa9ca72dee52e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e563f6623b07acbc0c7694e22ff12df0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord656
ord660
ord557
ord665
ord595
ord596
ord598
ord520
ord521
ord522
ord523
ord631
ord632
ord526
EVENT_SINK_AddRef
ord527
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord713
ord530
ord717
ord533
ord534
ProcCallEngine
ord536
ord537
ord644
ord645
ord648
ord570
ord572
ord576
ord578
ord685
ord100
ord687
ord613
ord540
ord581

Sections

.3QD5
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fb5I
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d49E
Size: 256B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE