fd67c8524d75f39adaf8d8d1795bbbeb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd67c8524d75f39adaf8d8d1795bbbeb_JaffaCakes118
Size

156KB
MD5

fd67c8524d75f39adaf8d8d1795bbbeb
SHA1

ff66b4afcefc121796bed8d7bd7a5401c753b022
SHA256

c1fc665f40436c249f19383883122fc55dede8fcc68397f17c02b7893d5c0202
SHA512

3de1b0ea33c7bd5a8e8c015faef8f993c7eb76f4363ae363028ec268e86335aba065a7b317c05e04e727989fb48873bad42e6b44587e18d34bf6c46cf3ad9a8f
SSDEEP

3072:P4PhAtCUj6NP3xa3qzmG6HDNtXyi9NscsQGhFdWf4EBnqapERLq4H:PC+tR63z6xxyi9lsFRU4BhMk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd67c8524d75f39adaf8d8d1795bbbeb_JaffaCakes118

Files

fd67c8524d75f39adaf8d8d1795bbbeb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec2b91102f084c4cb4eb0311e02fe3a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LoadLibraryA
LockResource
ExitProcess

msvbvm60

MethCallEngine
ord516
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ