Static task
static1
Behavioral task
behavioral1
Sample
17ceb6face8e58ce1a101fa1a5298eaa_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
17ceb6face8e58ce1a101fa1a5298eaa_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
17ceb6face8e58ce1a101fa1a5298eaa_JaffaCakes118
Size
56KB
MD5
17ceb6face8e58ce1a101fa1a5298eaa
SHA1
aca6ea6cc9add4915f46f6bee22e28272faaddca
SHA256
d241df49eebd445e74a8daa7b3e5cbe777a9fb47028a5ff303874a56af7c334a
SHA512
ee905765738ed755639d2f14cfc3dce4acf4b281e2de6b9c4a16f7bb39118deeb8d276a4abfc31207cc6940351c0746725aa1de4c1a8a3bba0462d97c15e7168
SSDEEP
768:iZfOQ4ZlqBivMS9999999999999999999999999999999999999999999999999A:s2QDAtIkMDksRGtm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17ceb6face8e58ce1a101fa1a5298eaa_JaffaCakes118
Files
17ceb6face8e58ce1a101fa1a5298eaa_JaffaCakes118.exe windows:4 windows x86 arch:x86
1b950aa09c95c056bb9d3daaae041a11
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord626
ord593
ord595
ord598
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord717
ProcCallEngine
ord644
ord570
ord685
ord100
ord616
ord581
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE