fa0cfc7cdb30e169af308455c3cba96a_JaffaCakes118 | Triage

Sharing

General

Target

fa0cfc7cdb30e169af308455c3cba96a_JaffaCakes118
Size

616KB
MD5

fa0cfc7cdb30e169af308455c3cba96a
SHA1

f4054047b1c5b234cbf9f5ff5c5e13e515287df0
SHA256

d309c7644924688608e64ff7f3c6ecca1885ffc843754f813f4ad61948b24119
SHA512

b4486af9d00ed9b03d8b828e7132add2459dd60ba9dbfacc2c52ec583fce76e279012e9107e6119b8d01250211d6534fe7af6a65088ba02c3250cd526c2b57f8
SSDEEP

12288:aaRMD9dYBUQbBqW86ndYu1fr+SnRzLOKk3:Ad06W86dz9rvza

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0cfc7cdb30e169af308455c3cba96a_JaffaCakes118

Files

fa0cfc7cdb30e169af308455c3cba96a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43e555ce1ada73f9954561ab0062f467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord587
MethCallEngine
ord520
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord713
ProcCallEngine
ord570
ord648
ord578
ord685
ord100
ord617
ord650

Sections

.text
Size: 600KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ