ffa9ec5de99c2167b561771dff2a582f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffa9ec5de99c2167b561771dff2a582f_JaffaCakes118
Size

28KB
MD5

ffa9ec5de99c2167b561771dff2a582f
SHA1

255719a5753b0e4e59f183fa86d04a91fc122cb9
SHA256

4055f701122071180a41b61d82a91f6bcf33aad489a6e5455a2e39aa81bc4148
SHA512

8dd60b6ae3d041196124f685bdab91692ad158208c2122ae97afde411f3101b7ee91a102bee097f78787c46513115ba5c8906eddf32793301ebc52ca4a78f8b9
SSDEEP

384:pGqLKw/pXQYZ7LfB4y0TabVfP8978ArbVkEZ:ptLlVVZ7DB4BWbVfPEvrbKE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa9ec5de99c2167b561771dff2a582f_JaffaCakes118

Files

ffa9ec5de99c2167b561771dff2a582f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ce400aba641e4e748c0a5f438c02c05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord665
ord667
ord598
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord716
ord531
ord717
ord532
ProcCallEngine
ord644
ord645
ord648
ord576
ord100
ord616
ord617
ord618

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ