0c4cc565b56c9369e0f90c5aff827e87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c4cc565b56c9369e0f90c5aff827e87_JaffaCakes118
Size

48KB
MD5

0c4cc565b56c9369e0f90c5aff827e87
SHA1

4dff7a0aaab99df36401f2482b5d733ba0ae9f55
SHA256

a7cd4e0aa6baf3e1fc9adf1f397e851169e870ec18125d60d38f1a885aebb6b6
SHA512

7031e4b736f64666a745bd08c15f107f7fc4cc65193500486e25d210d3481bab438fcff39784c5ba8a57b57c1720aef5fb57ff762d260991334e58c0876c8e98
SSDEEP

768:p28S/zAYdenz4ebZF7kENfM+uixusGDZ:p2nf8TZF7ZYGuPDZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4cc565b56c9369e0f90c5aff827e87_JaffaCakes118

Files

0c4cc565b56c9369e0f90c5aff827e87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce5e2eb850273b74fd5dfc026dcb9324

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord660
ord592
ord300
ord301
ord595
ord303
ord598
ord306
ord307
ord309
ord709
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord670
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord607
ord530
ord608
ord533
ProcCallEngine
ord648
ord573
ord681
ord576
ord578
ord685
ord100
ord579
ord612
ord617
ord619
ord580

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ