Static task
static1
Behavioral task
behavioral1
Sample
2ce3c1df1578c591ed99ad781e16407a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2ce3c1df1578c591ed99ad781e16407a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2ce3c1df1578c591ed99ad781e16407a_JaffaCakes118
Size
2.5MB
MD5
2ce3c1df1578c591ed99ad781e16407a
SHA1
658dddc8e4b8e518b12e155b2da554cffc03d0cf
SHA256
6b40073ef169d04fb31fdd542c784d5b62f7b34595e5ea1a46b4ec671304ddad
SHA512
95c8dbb704c105387250d593c0a6792bca4def2f35359b43ce89cb0dd2082eb08ab0f6c3fbff5862a91a0b19aabc3dfd54c7b380af4d5f830d1da1e942d1b87b
SSDEEP
49152:7tOlENwYfBVfFbR2JCT5z/tGaUVZl0b9Q6Y9uP4G:7tsY5NFbR2ETlthgnsF4G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ce3c1df1578c591ed99ad781e16407a_JaffaCakes118
Files
2ce3c1df1578c591ed99ad781e16407a_JaffaCakes118.exe windows:4 windows x86 arch:x86
830d9c705c7dc3273cc62f9dc2074ebe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord588
MethCallEngine
EVENT_SINK_Invoke
ord518
ord660
Zombie_GetTypeInfo
ord593
ord300
ord594
ord595
ord597
ord598
ord305
ord599
ord306
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord600
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord313
ord607
ord714
ord608
ord716
ord319
ProcCallEngine
ord535
ord537
ord645
ord648
ord571
ord100
ord320
ord612
ord321
ord617
ord581
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ