3782868d790d4a819df52ba74651c688_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3782868d790d4a819df52ba74651c688_JaffaCakes118
Size

180KB
MD5

3782868d790d4a819df52ba74651c688
SHA1

0862132cdffa952d9c896d29c808c0a5cc0c19f1
SHA256

f5e7ee45b113dea5c3d9f2cddf38cbfc94a0093c03650999fcc113eacdb5f186
SHA512

ee897a4ce9ebcb219e6318cb32551978eaa4c1367db9788f31a0333885bc184d8cd01419be1712e70158a4bf15da8f0d418a7a91cb1b330347423ca27d80a29e
SSDEEP

1536:uzRVOL0QGFjPD89Ewh5gGxv+yyfFha66K/0DpwmAVjBs3NTtfE2e0DU3Fsf+Pgof:2OYTFO5gX3fFb4nAl/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3782868d790d4a819df52ba74651c688_JaffaCakes118

Files

3782868d790d4a819df52ba74651c688_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d15f1f29aabe8a43f3f4a9cd6382b950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord620
ord516
ord593
ord594
ord595
ord303
ord598
ord309
ord631
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord717
ProcCallEngine
ord535
ord537
ord648
ord570
ord573
ord100

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ