f895405151cd97df731854ba8ce6ac7b_JaffaCakes118 | Triage

Sharing

General

Target

f895405151cd97df731854ba8ce6ac7b_JaffaCakes118
Size

60KB
MD5

f895405151cd97df731854ba8ce6ac7b
SHA1

e4e24dd039bec087f1239c8559a9395ae7332870
SHA256

8603449abec4bd7d7a34dae843e77b981d8b28955177cc46f1c0d0141ff582ea
SHA512

00475b4ecfa4bddcd7ce4e1f6af591c9848edb54ee75659232c7cf8e1be3af4531838e9edd2100815ac04e952c11602b5058d4adeb2f06642beea26d5e0abd34
SSDEEP

768:mfqvp1Iywe57Hg2tm+ykDPfqR2wIosk9pnJS7:dvEo1g2JDPC4oDpnJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f895405151cd97df731854ba8ce6ac7b_JaffaCakes118

Files

f895405151cd97df731854ba8ce6ac7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29e219cc89a688f7b597afca6a211d72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord514
ord518
ord628
ord556
ord665
ord666
ord524
ord525
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord531
ord532
ProcCallEngine
ord645
ord539
ord646
ord570
ord685
ord100
ord541
ord651

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ