370c8b2db57e5fee2f3e0a3b77eeed32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

370c8b2db57e5fee2f3e0a3b77eeed32_JaffaCakes118
Size

48KB
MD5

370c8b2db57e5fee2f3e0a3b77eeed32
SHA1

388c13df1f962799d3f9dfd47964eee75cd4d972
SHA256

fc7b95850bb3976011acf0bb8876679bb3347145ef3cdb53c1b13692a6468c6f
SHA512

e3bc709ecd28048e06f5bf016fd3d8ce4571dd31c4d77f693b8455191aa3f087152d3ede2e2ad05a7aea75bbfd6475b951253f98f00c94880709aeb88c6f8120
SSDEEP

192:2u7DtNK7bhAvcUBiTwHexQx/M9IjfAzp6UBdRRphohPRRZVr+3VyrbWZqEfi:DtNKnhgBiMHnM9IzAzpbDFOPRNCUqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370c8b2db57e5fee2f3e0a3b77eeed32_JaffaCakes118

Files

370c8b2db57e5fee2f3e0a3b77eeed32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e146b4b8c2078672d54e53e2e763efa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord666
ord595
DllFunctionCall
ord600
ord601
__vbaExceptHandler
ord608
ProcCallEngine
ord570
ord100

Sections

.scpack
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE