266055dea040ea6adecfbaacfea3e28f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

266055dea040ea6adecfbaacfea3e28f_JaffaCakes118
Size

168KB
MD5

266055dea040ea6adecfbaacfea3e28f
SHA1

42d0a8ca5d4ec1766a5d6958477e36f29ed1e9b7
SHA256

db6efdb89b4f9e9c660aebdf9b93dd2ccc93cd761aeaa5c1a1b30ae03b37f14e
SHA512

56fa878a4c72df7e2b4c3925104f9bfa245b39b07f7ea18aa7a75f437ef3c550bedc495288385155e51c3c15916f07d0bf45974d2b3aa7224257e183c9d663f5
SSDEEP

3072:RyTPv0aGjJaYc+5JjUyZ32KiIe4TSrKzNsdtIZGNmsbn:Ta8cMJV32Ki1KzktLj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266055dea040ea6adecfbaacfea3e28f_JaffaCakes118

Files

266055dea040ea6adecfbaacfea3e28f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fd294ae0931d8b532919bcaffaa3090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord585
ord586
ord587
ord588
MethCallEngine
ord552
ord554
ord556
ord557
ord558
ord665
ord559
ord669
ord594
ord595
EVENT_SINK_AddRef
ord560
DllFunctionCall
ord562
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord534
ProcCallEngine
ord572
ord575
ord685
ord100
ord610
ord612
ord543
ord547

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ