159ac98171221fb8060551f7e0219209_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

159ac98171221fb8060551f7e0219209_JaffaCakes118
Size

20KB
MD5

159ac98171221fb8060551f7e0219209
SHA1

178f21ef316320d71b6f08ca684a4d589a30927a
SHA256

a9e95c72be45b9149208e9a3d5ad04292e22398170dc8dedeeba10dfafd1c319
SHA512

21afe0d67cf262f4f3144dee4e8406248ebcdf2a20b82d30443d313e613b72b26ef7e09502d26c7c8394ffd4b69df00677df421a7489a592d5701a5616658dbf
SSDEEP

384:NjnulusKYe+t5LR+3vkPUYtXM3clU7tpCLgfR1fIYlzeoYJt3:Yur+kd0v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
159ac98171221fb8060551f7e0219209_JaffaCakes118

Files

159ac98171221fb8060551f7e0219209_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1d4b75df6f3a5b35a5a18bf7463bed9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord522
ord631
DllFunctionCall
__vbaExceptHandler
ord712
ord606
ord717
ProcCallEngine
ord644
ord572
ord100

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ