faa62d0bcca0dadfa29b548117128096_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

faa62d0bcca0dadfa29b548117128096_JaffaCakes118
Size

96KB
MD5

faa62d0bcca0dadfa29b548117128096
SHA1

9aad75afe3c434638ae9fd91478478d42d6c6b2f
SHA256

77ca5844c71098d5dc8ee378c670f7e4808fb9088e8c538a91c7abad52574dfa
SHA512

93c135068d9fa093ec3b5df70c6d803076f73eb92355c81c44d6bec402c1361cae3d1fc2fee7c46bfd9126d7403d05668a824a624568f9d4c8fbf0567e3c476e
SSDEEP

1536:EHJwszpJGSAUSJoFZiMXn74g9+m8xHAdNgOrLkWD3D+:U/qN1JoFZtn74g9+9aNgOrLkaD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa62d0bcca0dadfa29b548117128096_JaffaCakes118

Files

faa62d0bcca0dadfa29b548117128096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98cbefc3767eb80a15f7c53fce51e54d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord598
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord100
ord616

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ