f5cb19ad5b7ef38179162f237eed11d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5cb19ad5b7ef38179162f237eed11d5_JaffaCakes118
Size

26KB
MD5

f5cb19ad5b7ef38179162f237eed11d5
SHA1

08d457f58a2674a299fb4be73acd33e17d1567ff
SHA256

cf20325596ebc709b44912fcb445cf399b946f38542d98217cf4eff1cf6749e9
SHA512

1cd70f1e1f5e8a1ffcccfc676db30de79f9bf4e96879cba71ead121afe83d12baa7b897b7efcf23b8111ac0224a40f1b8a2e95f9bfa5f342ee2bce36f37a44ce
SSDEEP

384:TOFOnOFOjPlKU1fYHMzOFOsIqDpzBbFqxwp21:KFOOFOTl3AFOsXDNp0aw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5cb19ad5b7ef38179162f237eed11d5_JaffaCakes118

Files

f5cb19ad5b7ef38179162f237eed11d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32de330adec1d4d338e154c0983a5f72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

MethCallEngine
ord621
ord516
ord598
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord648
ord570
ord578
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ