fbdfc5e3e8b77e82fe7813e6f76f2d26_JaffaCakes118 | Triage

Sharing

General

Target

fbdfc5e3e8b77e82fe7813e6f76f2d26_JaffaCakes118
Size

16KB
MD5

fbdfc5e3e8b77e82fe7813e6f76f2d26
SHA1

94f7468f501af024d5192f353f6a7de529450caf
SHA256

a531f76cd54f5f1d0e1628e1524d92f6888ef7fc5be65646b2dc2ba6ddd22251
SHA512

b8fb2e50dc935f715268e3ea3f7fef1dfaa1e6bb081058c841cfae95894d977a986fc4aa66a4e6eda1225aaa5c69ae03c0d4e863f4b904957c1c0b08c10f086d
SSDEEP

384:IdMrDvzLlMTYMxzp4ie8DGW3szzwPYEeV0XFv2/d9:oqD5upFnDVKzwPYrV0Vu/d9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/FedEx - pdf.exe

Files

fbdfc5e3e8b77e82fe7813e6f76f2d26_JaffaCakes118
.ace
out.ace
.ace
FedEx - pdf.exe
.exe windows:4 windows x86 arch:x86

75862356bd9cbb382e5f934704bd87d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord519
ord660
ord557
ord666
ord595
EVENT_SINK_AddRef
ord529
ord560
DllFunctionCall
ord563
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord609
ord716
ord647
ord571
ord100
ord610
ord616
ord651
ord652

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ