Static task: static1
Behavioral task: behavioral1
Sample: fb8216323b1aaeb5dfc0ef35028ef3f2_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fb8216323b1aaeb5dfc0ef35028ef3f2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fb8216323b1aaeb5dfc0ef35028ef3f2_JaffaCakes118
Size: 357KB
MD5: fb8216323b1aaeb5dfc0ef35028ef3f2
SHA1: 66ed51e84304078a1a2942b4c61284a3d1c06b8d
SHA256: feb6a1823faa6673b23ce4d84ff10b42ab342f7ccde128d2a86e0c45e2931cae
SHA512: 7a9e23e8110a89a8e26f4011f56881c4d3547b0a1d0165d179fc42e18c2ed501780072b483999497487d696d2ab8175e2f37a6cadb174c3a6ce56e14e861fb31
SSDEEP: 1536:ZkH6t3uOxPDjLFmg5Tf9u8Img5Tf9u8LO12Zcrx5UJKL5qdog8EkOAD/:ZknCjLwgZfYSgZfYFx5UUQo7E7A7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb8216323b1aaeb5dfc0ef35028ef3f2_JaffaCakes118
Files
fb8216323b1aaeb5dfc0ef35028ef3f2_JaffaCakes118.exe windows:4 windows x86 arch:x86
b01649f7a7eedb196b88ced763f8a889
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord516
ord628
ord300
ord595
ord303
ord599
ord306
ord309
ord631
ord525
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord537
ord100
ord616
ord581
Sections
.text Size: 324KB - Virtual size: 324KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE