f0019421eeddeea63d54642059e2487c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0019421eeddeea63d54642059e2487c_JaffaCakes118
Size

624KB
MD5

f0019421eeddeea63d54642059e2487c
SHA1

74012aa2c9d809366318f5f5ff8ada34f222b926
SHA256

6dea1475b7ff13f101cd04cf9380c912174b6c3a590941030a24300209a62c2c
SHA512

92015e06022559cf743b0d82d60881b55f59a63b380843aa04ccdbfa844730666f64a26345daa01983ae45d8996d80b24fb70bb8a9e27f1b03993000154de789
SSDEEP

12288:kXzpumXGD1fgHvL/3+TrHjsMs/5hdyFKtXYg9EZZbQH6Sh0f7RI6v7AwhLb:kXzDGqHvL/OTrDk4F/oEJFAmL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0019421eeddeea63d54642059e2487c_JaffaCakes118

Files

f0019421eeddeea63d54642059e2487c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee266edfc71ea2a792b7869fc8f472c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord584
MethCallEngine
ord515
ord553
ord661
ord556
ord557
ord664
ord558
ord665
ord666
ord595
ord703
ord523
ord633
EVENT_SINK_AddRef
ord527
ord568
ord569
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord530
ord531
ord716
ord641
ord647
ord570
ord571
ord680
ord573
ord100
ord610
ord611
ord615
ord616
ord617
ord618
ord542
ord543
ord651
ord652
ord580
ord581

Sections

.text
Size: 588KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ