Static task: static1
Behavioral task: behavioral1
Sample: ef3b99aa0e87aedec11e2446180f37c2_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ef3b99aa0e87aedec11e2446180f37c2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ef3b99aa0e87aedec11e2446180f37c2_JaffaCakes118
Size: 156KB
MD5: ef3b99aa0e87aedec11e2446180f37c2
SHA1: 70af17af32ac99becd000db0ef7712e29f06dd1f
SHA256: 8a76817eb727a61003a8b4381eb771fab59632f0cdbd30a2455779b20cc45c6a
SHA512: e6fd334ce02d899c6da2e9fe41aab0e967cc83425f02ca90c966bd11650b25dc31b0005fef93373d513cc4a2423cddbb0fa069c0f97876dc5dcf32cfbff8df31
SSDEEP: 3072:A288E9E4dQNkxNS6YPXkxPYcEM2PpiuGB4euIRJVcBP5mz8DIoVgYcK:mRFYPkPYcEZIRvJ8DI9Yc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef3b99aa0e87aedec11e2446180f37c2_JaffaCakes118
Files
ef3b99aa0e87aedec11e2446180f37c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
21628fddb4b56ec49b55068c678e191b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
ord666
Zombie_GetTypeInfo
ord593
ord594
ord595
ord598
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord714
ord608
ord717
ProcCallEngine
ord536
ord537
ord644
ord681
ord685
ord100
ord614
ord616
ord617
ord581
Sections
.text Size: 132KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ