fab8bb9cd478722236228aa81d9fa78b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fab8bb9cd478722236228aa81d9fa78b_JaffaCakes118
Size

16KB
MD5

fab8bb9cd478722236228aa81d9fa78b
SHA1

5ac8a4ca4d94cd72a59db34408088e59b9902b73
SHA256

3d72b59706a484d776548bc77eab12560bf7748c32a1321461ee79322c2c4ba5
SHA512

9b87d69d4ba925f996e566f84aa434325077b8fa5a7b89e83f56c9f78a864875c00414aaf21d63d35421269f69840c43b3aaf97b2dbd73c2ec440d7c3ddf7a98
SSDEEP

96:BTK6m2Vjw+/SKsoQJc9hzlyryt0UwLnfhE:NKh2Vjw+D0Jc9hzlnt0UwDfhE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fab8bb9cd478722236228aa81d9fa78b_JaffaCakes118

Files

fab8bb9cd478722236228aa81d9fa78b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c7164566a7ef640bb7c468cabeb5b0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord518
ord626
ord520
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord685
ord100

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ