397212ccdb70595ac6e8158b06f91442_JaffaCakes118 | Triage

Sharing

General

Target

397212ccdb70595ac6e8158b06f91442_JaffaCakes118
Size

72KB
MD5

397212ccdb70595ac6e8158b06f91442
SHA1

1e539f765bdda4eef39140f73fe3fb99e8f1222d
SHA256

ed0fb05747d4cfebffde2947b9b051f022879f751a31a718f704f801f7c78e8b
SHA512

4355ee0369bf3807780a1b26df1151dfb2368ec73569ae042febaaf114f7ed687f35e4653b60ffb3c652f4b28d9df138b394dde10e669b3f856b50172a29b594
SSDEEP

1536:CtWScsZ4u9ucg4pP+NhNwyFiHdv8iyb9Y4:A3ca4u8ZwkbG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
397212ccdb70595ac6e8158b06f91442_JaffaCakes118

Files

397212ccdb70595ac6e8158b06f91442_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ae87a7e562f5745f2655ca24bf04c33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord187
ord586
MethCallEngine
ord660
ord663
ord595
ord301
ord598
ord520
ord307
ord709
ord526
EVENT_SINK_AddRef
ord527
ord529
ord560
DllFunctionCall
ord676
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord717
ProcCallEngine
ord644
ord572
ord685
ord100
ord613
ord616
ord618
ord546

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ