eb8fc8ceb97a5356f4d2620e679955c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb8fc8ceb97a5356f4d2620e679955c8_JaffaCakes118
Size

260KB
MD5

eb8fc8ceb97a5356f4d2620e679955c8
SHA1

b268dd3be669f1c047215c434dbc853c79eeb329
SHA256

8072bf44cf4265431ab19812bab9292ba90c1c2ba52c9f4e59a42f2a2c4bb0c3
SHA512

224ba9487769b55045be6772e83735800e83fa4ac06bab67305d726669e7374762f5b04b4e9c04482c3e36a3ad2fd0388ce8a4a6ecb252e91fe5231f911be380
SSDEEP

3072:j65PDykjCBx2hypK7D6zdX3+P+kdMTBxW0kMXuNF4SF3cqOzNvIAgIU07iCf5dC5:jLx2MXi4caSDIUc5dZGMdLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb8fc8ceb97a5356f4d2620e679955c8_JaffaCakes118

Files

eb8fc8ceb97a5356f4d2620e679955c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45eaafe992369172c04ff72247ae14d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
ord631
ord709
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord717
ProcCallEngine
ord644
ord537
ord685
ord100
ord616
ord581

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ultra
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ