2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118
Size

397KB
MD5

2b6fe5c490a00b888791b8b7ba590240
SHA1

c0fe35d2e68cff4326adccc714472faa123ec9d1
SHA256

d8e1e1c3b38d895ca72a0b0a0ead41a7860bb2528d3cb758590f281f10da0306
SHA512

8a0902c9febb4e6e6c5944a24f496e1d523aab44afd5a925f1d1717ea265e1e6c6e0a1fc92d1849fc711fcd76ab9e6d058bcab5b541f34d9eda6b95684da4186
SSDEEP

12288:2MCDo8a+IIZO8k/inLrYdhDW8yODWWpO6te:nx8a+ISkwEIeaWIWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118

Files

2b6fe5c490a00b888791b8b7ba590240_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1baa5820e47f48744e28f7d70ae5cd05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

msvbvm60.dll

MethCallEngine
ord593
ord594
ord709
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord645
ord648
ord570
ord681
ord685
ord100
ord616

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE