12db0927a5f6ca97b6f35c3ab29161b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12db0927a5f6ca97b6f35c3ab29161b0_JaffaCakes118
Size

48KB
MD5

12db0927a5f6ca97b6f35c3ab29161b0
SHA1

b1ef68d4cf31fecd69ea681cce91b594b83daa2f
SHA256

2c395cbcbfe09a54472d9d35894fc7fe5330ba0276540d2bb93a53fee2d2e0a2
SHA512

93c616c4e60f17c0f6da424a00d474181d277dfbfd0558faa6c64d0ae0baf0d55c1a8677dabeaae7c388b564d4bcf08a21e9eccabf6a27866485be41b01cd0f1
SSDEEP

768:i/qqHqgxj32JC4VVki1dIPRvdOGwIro9yYmm63nLrk9HUDOp:ivKe6g4x3IPPOC2yYmN3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12db0927a5f6ca97b6f35c3ab29161b0_JaffaCakes118

Files

12db0927a5f6ca97b6f35c3ab29161b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

877b72f1fb9b015d1ecf04b4839e9eb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netshell

DllGetClassObject

msvbvm60

ord669
ord524
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord570
ord100
ord432
ord652

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ