eaac857248c251e890a56ab8e0db6003_JaffaCakes118 | Triage

Sharing

General

Target

eaac857248c251e890a56ab8e0db6003_JaffaCakes118
Size

20KB
MD5

eaac857248c251e890a56ab8e0db6003
SHA1

57bb97a317ad242a4bd1a6e59f0b12aaaeb05901
SHA256

980630f4d1c79b5c85741989451a6f00e6a589f52dd7a203107901b59d56aa85
SHA512

8d922b1963837b4d84a03742c207080db7a4bb5ee610d9576def823789efbc775aa622ad2776c55ff25f4c75a3ef7722d9ca6b5e1fe7d7f270f1fa76a4eb2d55
SSDEEP

192:z38WglKh5LmF0oIigjvBWAmAKudfA93+uS5K:zTL4STigjvqAKudfA9Ou1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaac857248c251e890a56ab8e0db6003_JaffaCakes118

Files

eaac857248c251e890a56ab8e0db6003_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

52baa4aeb8c12d3af48ddb20e177f720

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord632
EVENT_SINK_AddRef
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord101
ord102
ord103
ord104
ord105
ord617
ord619

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ