Static task: static1
Behavioral task: behavioral1
Sample: f6490478dffa644d213f8991e2579549_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: f6490478dffa644d213f8991e2579549_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f6490478dffa644d213f8991e2579549_JaffaCakes118
Size: 2.2MB
MD5: f6490478dffa644d213f8991e2579549
SHA1: f8ccc1d789932c71eb39530f12c7a1d8a30bb127
SHA256: 949dd2a36182fce3c667ad2448d4ce2f8e4d36c7de9bda4491f5a8becb50ee19
SHA512: 7f4279857a2fa6c4b5cd41018552e2e29e326db630e11f8d8f3831c36366e85c83dab90afc47f454784a28c423b711919fc9c2cf36d3b53b20c06553f2eff027
SSDEEP: 24576:0mPI82qN0ESdQpglO1CxDyawn27h+9hrlgKQY9SGcZwCdTp:B50RIglO1CuL9VNcaCd9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6490478dffa644d213f8991e2579549_JaffaCakes118
Files
f6490478dffa644d213f8991e2579549_JaffaCakes118.exe windows:4 windows x86 arch:x86
e9b22d25d41c840a00cf9e730db4df65
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord620
ord516
ord519
ord593
ord594
ord595
ord303
ord309
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord713
ord607
ord608
ord716
ord717
ProcCallEngine
ord537
ord644
ord570
ord648
ord573
ord578
ord685
ord100
ord616
ord617
ord619
ord581
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 936KB - Virtual size: 935KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ