f97a72110240fff3cc1555ff3684e846_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f97a72110240fff3cc1555ff3684e846_JaffaCakes118
Size

156KB
MD5

f97a72110240fff3cc1555ff3684e846
SHA1

79030c4c59142bb53d0f00ce36b3e5deb7b0cc5c
SHA256

42c295aa9918f8a49fe78d4df4bd48af1f52a2d5dd8612199566844a3bbf9553
SHA512

ce8fed6a11646fdb22eb4457de960a1b69aa275029e19a9e805ca29075023a1a008dce76addc7a92b420fb901dace1063f065b98aff8fe3ec51ed8655880620e
SSDEEP

3072:gPKni70UQp/z2hyYK7DQzdy3+P+kdMT6MlsKS12Hj:fy71Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97a72110240fff3cc1555ff3684e846_JaffaCakes118

Files

f97a72110240fff3cc1555ff3684e846_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1d139435d32c2568fa8398856d078e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord665
ord595
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord717
ProcCallEngine
ord644
ord537
ord645
ord573
ord100
ord617
ord650

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ