3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118 | Triage

Sharing

General

Target

3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118
Size

160KB
MD5

3b0a00c115ab91c70263b836f22e4ef1
SHA1

74c6f0ad32a1a00818e075b51c54da3e2fccb42d
SHA256

f7df27bca0394e6444320e648d5745689d220389a8ee71f0707f77f44397dfd6
SHA512

c6a027f2a1553acdcd2a2df7cededad401392698b82c48a650dad3356eacebdb9058c59476287f13d16b3dd6f6f60bf0951ece6b476a172101a1e94c24d090a0
SSDEEP

3072:r3NmvQ67uM6mCru+CEmDROT3F2Lyl6ENIAhJpvKh8gpjFF6u:RmYsuU1EmDRO74m6mjW8+jFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118

Files

3b0a00c115ab91c70263b836f22e4ef1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f234410a71be624e1e2e13225bce3fe1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrCmp

kernel32

GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Sections

.text
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��ٸ��
Size: - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ٸ��
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE