2ac1da9495a0b54df71c0b0696487d47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ac1da9495a0b54df71c0b0696487d47_JaffaCakes118
Size

20KB
MD5

2ac1da9495a0b54df71c0b0696487d47
SHA1

93129d85a211bc9f6ecc45bc3e8c9672b6466641
SHA256

94e2be72b69b7d743cbc5a73c75f0d5e44a8f1ff993683d07ef47e44a61a17b9
SHA512

db852bec950825d5d91a6c26069a20a99187e01d7440cba90efe9a9d75aa75bb186c500f020cde23a180e63c2fd0f7af300fb8819c7a87f8ee9b92a2240c4f62
SSDEEP

96:8lk968BD01263MDx9MvlU+7x1ETCfmKlm1kRa7c/0/AR24wAJlEHIQeDJ0XR5s:JEI01262xeU8YUmsskYc/BmAooDJKR2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac1da9495a0b54df71c0b0696487d47_JaffaCakes118

Files

2ac1da9495a0b54df71c0b0696487d47_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

e87076a2c55feefbd6994ee4225d6a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord101
ord102
ord103
ord104
ord105

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ