Static task: static1
Behavioral task: behavioral1
Sample: 3e2765ca580e2131adcbca0678a585be_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3e2765ca580e2131adcbca0678a585be_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3e2765ca580e2131adcbca0678a585be_JaffaCakes118
Size: 229KB
MD5: 3e2765ca580e2131adcbca0678a585be
SHA1: b96d1afa9c27cffb89dec3f46f04a7b33f70fbd5
SHA256: 9dc18aefb63cb695027c4921e8c463e4050d280bf90487e65d77c356151da26a
SHA512: bc10308467048bcb14829e4eafcefa9071fe0431bf2f8af0b811575b1c16f961dac5cebc09a01cf861062dbb2e2a9560b12e59545b203eae89436e399778331f
SSDEEP: 3072:zGTpTqXR/Qpik5JkEUGsWge3sdMml1xZtAgMo0kYMNO5VVelHPi:Mdwoq1xTPr/YM0bn
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 3e2765ca580e2131adcbca0678a585be_JaffaCakes118
Files
3e2765ca580e2131adcbca0678a585be_JaffaCakes118.exe windows:4 windows x86 arch:x86
249ce160c71f16a63f7c226c8db7b050
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord598
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord713
ord608
ord716
ord717
ProcCallEngine
ord644
ord537
ord573
ord681
ord100
ord619
ord581
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
..... Size: - Virtual size: 1B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE