fec6f63e70e4901d31ca17fe5f61dba3_JaffaCakes118 | Triage

Sharing

General

Target

fec6f63e70e4901d31ca17fe5f61dba3_JaffaCakes118
Size

188KB
MD5

fec6f63e70e4901d31ca17fe5f61dba3
SHA1

d87cb1a5add25e567c4c30f6254d17b8c1075e47
SHA256

e416cc182ef060ee4fff4a5c88c554f9ee8fff347281f29cc4d251d66a5aeeca
SHA512

8fdbff204f3391dce69230e452334249412171eada4434366758f75b53fec8aeb8f9ed7d20211cd62a3284e060fbd0ec173e1dd1f5b5f029ec5225e4706deb7b
SSDEEP

768:snW9/yHO0tXEB3fAIsFueP6YWgNZ1JlIEXiOZEKwNq6rIgkcQcE:4fHg3IIso434DOaKuqQH/QH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec6f63e70e4901d31ca17fe5f61dba3_JaffaCakes118

Files

fec6f63e70e4901d31ca17fe5f61dba3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35fa8600f7c76a8084a7ea57bfa7f2bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcW

msvbvm60

ord582
ord583
ord584
ord696
ord516
ord628
ord660
ord593
ord520
ord632
DllFunctionCall
ord601
__vbaExceptHandler
ord606
ord608
ord716
ProcCallEngine
ord644
ord572
ord573
ord575
ord100
ord546
ord581

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ