Static task
static1
Behavioral task
behavioral1
Sample
106b3c3797834988484b4173fbdb2d60_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
106b3c3797834988484b4173fbdb2d60_JaffaCakes118
-
Size
282KB
-
MD5
106b3c3797834988484b4173fbdb2d60
-
SHA1
51ac93d30d69b14b141832afa3a212eeeb78abd8
-
SHA256
a240936ec764e66438ed938d7af81808d081e4ee5a3d9b350befa8d6bf864a5b
-
SHA512
f1b7aa67fd3c81a3e5f56743e50ed02be66be9e20cede688972d973dd93579b8f67a967f7fd72629f08edc0226d72b97756eba98681be0d513c3d0f83767bfb7
-
SSDEEP
6144:+hPBarKpKioUYzXlxDQJIqKz9CAivuATer+oOw:ePwrvvUCgOCHbe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
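Checks for a missing Authenticode signature: the PE file carries no signature from which its publisher or integrity could be verified. On its own this is a weak indicator, since many legitimate binaries are also unsigned.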
resource 106b3c3797834988484b4173fbdb2d60_JaffaCakes118
Files
-
106b3c3797834988484b4173fbdb2d60_JaffaCakes118.exe windows:4 windows x86 arch:x86
375c7402f8748b0ff0440c4212cdf8d8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA
msvbvm60
__vbaVarSub
Sections
pec1 Size: 22KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
glsvymr Size: 111KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ctjeiwz Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xgbmrck Size: 4KB - Virtual size: 72KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE