ffd150a1b5a0176f4478694cb6379598_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffd150a1b5a0176f4478694cb6379598_JaffaCakes118
Size

736KB
MD5

ffd150a1b5a0176f4478694cb6379598
SHA1

c60878d178534d59158d190ec349362a1cb74d2c
SHA256

db9c397458bcc8ef205db1849ae06ff13c87eb1efefc5c0b3556a51cdee943bb
SHA512

6d29990071d91cbfc4b721a67fe272d3cf4ffd1e9575321609e08f912222d7e55fea5a6ca0a9e2369297301a1f5cf8a797fa41213f3abebd51491334b24d2f9b
SSDEEP

12288:2rFTgKf6I+MNqB4LFGPcp4SsZJkEa8/xGwhD1uxTLOr72k+EysX66:2rFUKf6UQB4pGAsP74KuxnOrqkTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd150a1b5a0176f4478694cb6379598_JaffaCakes118

Files

ffd150a1b5a0176f4478694cb6379598_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a1d40c617d5d3992548e74d17a0cf22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord518
ord593
ord594
ord631
ord632
ord525
ord526
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord648
ord570
ord572
ord573
ord681
ord578
ord685
ord100
ord616
ord619
ord581

Sections

x321x321
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x3213x21
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x321313x
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE