2918606e1b1596af7980f83d1a8b4f28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2918606e1b1596af7980f83d1a8b4f28_JaffaCakes118
Size

232KB
MD5

2918606e1b1596af7980f83d1a8b4f28
SHA1

2220a58a2ba1ab0f9247ddfcab2a7b86fa395f78
SHA256

d2d525f7594d1b5d8023f6b09c5848f1bca9ee49a507aed5f123a6e1ef418601
SHA512

a4eb3da739b7b484eb390d1aa5c71fa6d97212ee70c100a1c1e49717a1807d940fed59c8178a0b55bfd124c1dc616a15cd9ee1ee2936b73aad28101fb48b7ce2
SSDEEP

6144:V2JR6jBaplmtyCrAotVvp+/cWD0QBZeP2ljm:sJwd9y4JtVvp+EdOeP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2918606e1b1596af7980f83d1a8b4f28_JaffaCakes118

Files

2918606e1b1596af7980f83d1a8b4f28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

852b6112fe25e123ee41640bc5110ef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord555
ord598
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord717
ProcCallEngine
ord644
ord685
ord100
ord617

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ