068685380efeb075c722be05f43e9984_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

068685380efeb075c722be05f43e9984_JaffaCakes118
Size

232KB
MD5

068685380efeb075c722be05f43e9984
SHA1

577a8bc5417d506c87a45c874269a74eaa0000a3
SHA256

b81617d585870b1569401a530b10a79056ed68079bb66f8c21c08aafc6b8658d
SHA512

bd980144246978be60abf6b2e8198bb4e536742fa443a28936ed0e0f2134c61aebbb59ac425556f2dec5ccfa531782d061e748a535435e29314193124d3fe85b
SSDEEP

6144:P2JR6jBaplmtyCrAotVvp+/cWD0QBZeP2ljm:eJwd9y4JtVvp+EdOeP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068685380efeb075c722be05f43e9984_JaffaCakes118

Files

068685380efeb075c722be05f43e9984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

852b6112fe25e123ee41640bc5110ef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord555
ord598
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord717
ProcCallEngine
ord644
ord685
ord100
ord617

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ