3c3513d04cb9d9e90b654a759bdc7a3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c3513d04cb9d9e90b654a759bdc7a3c_JaffaCakes118
Size

20KB
MD5

3c3513d04cb9d9e90b654a759bdc7a3c
SHA1

770cf568ec03728e0af22c796a8c39a94ab6bbd8
SHA256

dbe777a654cc7134fa784d81e5fce64554ff6e97a123397ce5bfc9f5d1738a54
SHA512

e0cf91331852664e448e7f19193645458292777ce5ca6211c8f2e521bdb2a5599439d69d429d3197abbc1c962da3a51aa6cd9609fd8d4e204bbea7c5c723b1c1
SSDEEP

96:Y8RESNjLPAsoMQsQQ01eQGPbUZufXwPA0vMpbCKl1+IAuAhqdMqPI0sATKYs508r:t1LYqhToQwPAIfIAuAMqq6aKYs5n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c3513d04cb9d9e90b654a759bdc7a3c_JaffaCakes118

Files

3c3513d04cb9d9e90b654a759bdc7a3c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5f41348d93901b3617913cdc81ec7df7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord666
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord645
ord101
ord102
ord103
ord104
ord105

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ