Static task: static1

Behavioral task: behavioral1
Sample: 2957c436a7adcf35ea1f55e80063053f_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 2957c436a7adcf35ea1f55e80063053f_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2957c436a7adcf35ea1f55e80063053f_JaffaCakes118
Size: 40KB
MD5: 2957c436a7adcf35ea1f55e80063053f
SHA1: 319a6eadf73d0c1de47693ecae385ac9cea0ee25
SHA256: e3063ca257c155a54a05a2f717a036775c6d056247646e0d3556c8d5b73d23fb
SHA512: e4a6b13db23cddc2467fa51ab8b40a3e86b347eb3df158f5007862b8055bdcadb9fdcf84bf5eea86716892234f22e784ada90dde580b4f1c1df97af65cff5f88
SSDEEP: 768:daNIX6DV6Q2GH8qiNHXwHvbSCehr8HR0pvc:dOLPH8qgKgrQ4vc
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2957c436a7adcf35ea1f55e80063053f_JaffaCakes118
Files
2957c436a7adcf35ea1f55e80063053f_JaffaCakes118.exe windows:4 windows x86 arch:x86
8a0a5343feaaabb3dea2557cc7b45ead
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord517
ord518
ord593
ord594
ord598
ord520
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord570
ord648
ord573
ord685
ord100
ord616
ord618
ord546
ord547
ord580
Sections
.text Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ