17d221b55a444276e8855b5432a492a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17d221b55a444276e8855b5432a492a6_JaffaCakes118
Size

106KB
MD5

17d221b55a444276e8855b5432a492a6
SHA1

f694819aea888456f7172f5d5c5b73b6d2ec3d35
SHA256

df74d9f3f74b3b85e3d10c671515f803d8a6604f5ff105ca29b6b7970603c100
SHA512

d4f9e2373ccca08bbc9db4a92c854c0c392fae02a188a8cd3e60f9034a884f0c0012b52d47c48ecc985f5278ff1a193e35705bfab8de8c9f59dd9a474b6a0dbc
SSDEEP

3072:4+Boac4HoshJXeudNQH0VDYrNLaW6OEMRE9C9/vYh:4+FcKoszXJVOJLaTOvE40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17d221b55a444276e8855b5432a492a6_JaffaCakes118

Files

17d221b55a444276e8855b5432a492a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ee459202d13685d56cc5faff4639e09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ProcCallEngine
ord644
ord570
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ