fe90a5a2388269189192ba6233716dff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe90a5a2388269189192ba6233716dff_JaffaCakes118
Size

372KB
MD5

fe90a5a2388269189192ba6233716dff
SHA1

84e789b3f16cb32a4ce2182be9eabad6516e9527
SHA256

86084e0878cdf8f01325681489d92e5241cab01b8a369bf9fc2c0d795ae3cfe7
SHA512

7c86518813c044f94a4f9ccb644faeca60c40537e4cac340e03cb60ca0183b2d8f814fab7d43a925ce8786878af941b33a240128f2b4293eae237e08b75e11d8
SSDEEP

3072:XmblgEkbiO5BKp/K+iildS1Dghy9URIKG+Yz0uA:UlgEkbiO5BKp/K+nS5URIKG+Yz0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe90a5a2388269189192ba6233716dff_JaffaCakes118

Files

fe90a5a2388269189192ba6233716dff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61ddf5738c014b134949bd18069cef03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord517
ord518
ord595
ord598
ord599
ord709
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord569
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord608
ProcCallEngine
ord644
ord537
ord570
ord648
ord571
ord685
ord100
ord616

Sections

.text
Size: 352KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ