06dd265821abb4fb308ffa0d282843ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06dd265821abb4fb308ffa0d282843ae_JaffaCakes118
Size

44KB
MD5

06dd265821abb4fb308ffa0d282843ae
SHA1

26ca3bf5fe57d0bb933ff8fcaa5a7687a89d9349
SHA256

91d18a4cc42a9bd68577bdc55a3ef50ca2f638ba7a1ae8a578d2a48c47770617
SHA512

beb89d32fe3f0a6091631591b1cff5e96c73539786dd37b4930d579d482d832ef9a95f61523772e6279ca5c71aee92b34fe04d7a8b22a6fd5390401711175d59
SSDEEP

384:r2xGBWHzGzJGIkIMDzkozla3ccJqlEW+s+w3KlY:r2xd1IkRDzSccJqlEWj3KS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06dd265821abb4fb308ffa0d282843ae_JaffaCakes118

Files

06dd265821abb4fb308ffa0d282843ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a916021b6c1baf8e6ddcae46dab89fe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord626
ord666
ord595
ord632
ord526
DllFunctionCall
ord600
__vbaExceptHandler
ord711
ord608
ord716
ord717
ProcCallEngine
ord644
ord570
ord100

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ