eab12e9b47e5b96f824c536deb8451a8_JaffaCakes118 | Triage

Sharing

General

Target

eab12e9b47e5b96f824c536deb8451a8_JaffaCakes118
Size

128KB
MD5

eab12e9b47e5b96f824c536deb8451a8
SHA1

b3689604e8a63dcca030ed997f6634daede3c86c
SHA256

8eb764dcf1519033f97bcf46469a91e1b6f360271fe75dfd9853a6a6ef82950d
SHA512

ff8dba0bef9743a1408964fc9d2d9f68dc0c88dd9d111fa5962caf5d8e744c8f994d39458c58649e8967646ddf438a52be8276f3bfc6e0c2f4cbe62a20e0ecfa
SSDEEP

3072:UwNReKym4jXbAfA4OD6ZcZy3+BNUrRk139rNzlZiOO:9wbp6ZENl1NjZi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eab12e9b47e5b96f824c536deb8451a8_JaffaCakes118

Files

eab12e9b47e5b96f824c536deb8451a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

665b23e14656be39efb9871ecddc1dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord593
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ