27ae0d4d400ffd8002190c36f0891ad1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27ae0d4d400ffd8002190c36f0891ad1_JaffaCakes118
Size

615KB
MD5

27ae0d4d400ffd8002190c36f0891ad1
SHA1

c3a355b2231228fc5f06302bb32af12ae7e10e97
SHA256

021a1e0f9664ff459daa4d8d3a5b8571ef9a574c733ce28b8ba3d1e208eaa8e2
SHA512

f5d2224d5705b16a60681875d1f6a2546367cb6bebb6ba9aad71eb2dbd66e0a414b633183b20188a6824abf2e50df8f4088213e3b3de5eca3349b651c9a44eed
SSDEEP

12288:r0iFd8OoakGungkJn0vBURjtryPZwwVpd9EWZqVTjczNROkZGbf6dXpXSF:1iOUTgkJ0vBgyhdep14xR8bfuVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ae0d4d400ffd8002190c36f0891ad1_JaffaCakes118

Files

27ae0d4d400ffd8002190c36f0891ad1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bd16f347717a84e73a4892445099aff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord666
ord595
ord631
ord632
ord526
ord527
DllFunctionCall
ord563
__vbaExceptHandler
ord711
ord608
ord716
ord717
ProcCallEngine
ord644
ord537
ord570
ord681
ord100
ord616

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ