Static task: static1
Behavioral task: behavioral1
Sample: 3dd0fe4da3c61c3b24d1005247e49d10_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: 3dd0fe4da3c61c3b24d1005247e49d10_JaffaCakes118
Size: 368KB
MD5: 3dd0fe4da3c61c3b24d1005247e49d10
SHA1: abc384db867a276041d9f220b44e51f0cc5fdf3c
SHA256: c17a18193b8d0d855442ad771144224a0d3f86352c38b45cb919bbe4fee988e6
SHA512: 6eb1f280cac3db314a9fd20d2bb85db4c335db19750a4ccbe8d56d1e74ac4ffa40a4669656a881f7f16ef364ae03e77f44c26eaff1283ec927bd9013c421c084
SSDEEP: 6144:2csstnxymCgz5+4y6+aFjJaV2hyE9ak7r9l4trSW5aI:estn4mCgoIhFjJaVeB9ak7rr4IW5aI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3dd0fe4da3c61c3b24d1005247e49d10_JaffaCakes118
Files
3dd0fe4da3c61c3b24d1005247e49d10_JaffaCakes118.exe windows:4 windows x86 arch:x86
1393b9bcbc05e6fb2083bcb55e89de5b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord518
ord666
ord593
ord594
ord595
ord631
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord606
ord717
ProcCallEngine
ord644
ord537
ord648
ord570
ord573
ord685
ord578
ord100
ord616
ord619
ord581
Sections
.MeNDiL. Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.MeNDiL Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
..... Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ