fefd06ab033815a115d231370462d8bf_JaffaCakes118 | Triage

Sharing

General

Target

fefd06ab033815a115d231370462d8bf_JaffaCakes118
Size

1.3MB
MD5

fefd06ab033815a115d231370462d8bf
SHA1

3b4852e7cc9338ea5a7e54e111f2b93da33f5232
SHA256

5a91461087b92a35f530ff9acdffafce6427b663bf2775fe7d0b282eb59cb391
SHA512

4b32e7fb74107eafde7fa48e8dad3c42a8c19ca017f4e66dda3d4633ca81297f653e048be83e60907f49989815c66525419cc08a73d1c5f8043d7f209cf97e34
SSDEEP

24576:MfogYE4SjuNVptx//22jjzhSI67zBNeZ6bLt2hurxUZwiI0H:MwgYEDwTw2jjzWPT1aZwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fefd06ab033815a115d231370462d8bf_JaffaCakes118

Files

fefd06ab033815a115d231370462d8bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

297d222da34645345c870cc662f88df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord594
ord598
ord525
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord537
ord644
ord570
ord100
ord617

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cxsx
Size: 1.2MB - Virtual size: 4KB