012ecf60b0f903e23b765be1e3031a3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

012ecf60b0f903e23b765be1e3031a3a_JaffaCakes118
Size

16KB
MD5

012ecf60b0f903e23b765be1e3031a3a
SHA1

93a6a35a6d3d7981f8cb438b56e5553c79c734d2
SHA256

0e37a1ed4ad6f52978bdc75a43868b48a6ab8e597394371374c3f9f5be1e80c8
SHA512

1f0ad4dfddbd15afb13ab5a8d7dcd47a69ba05485d082885e6da724b8d395eded62fafbcf0333daa83123ca939cdb3a5d95e1d14b305a45a8ad8a6c3ad27a4e2
SSDEEP

192:Y61k4RG0giPGMGaTL3t8iJndRhqI2Io4:Y61k+hGM5n3XJ5vU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
012ecf60b0f903e23b765be1e3031a3a_JaffaCakes118

Files

012ecf60b0f903e23b765be1e3031a3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a7ad8acac51aad13d0b521eae881eda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord632
EVENT_SINK_AddRef
DllFunctionCall
ord563
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100
ord617
ord619

Sections

.TEXT
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r2rc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ