3ffa2739ba312ecca06c4360847a6a59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ffa2739ba312ecca06c4360847a6a59_JaffaCakes118
Size

308KB
MD5

3ffa2739ba312ecca06c4360847a6a59
SHA1

8500f238aea037c35438e357a64e985b68e9c7b8
SHA256

e66d7dc26c14e124ba8753197863bcd62b7bc1ff640ded9f516987ed9f287755
SHA512

462b6ecaacc790189c7ae330907310e2a81f8b441a7bdbdd847c8f97bde92bdbc09ad8cabd199891dc4a7c74f0641c87ef1e84b2e144c3dab6b9ea26c84c7bd8
SSDEEP

3072:UHX0e1FB/DpKjCLHALCmdj1b5iaeegW8wgA:UkdtbgW8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ffa2739ba312ecca06c4360847a6a59_JaffaCakes118

Files

3ffa2739ba312ecca06c4360847a6a59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed80f688007fce3571ef12c04a9ae2fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord631
ord709
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord717
ProcCallEngine
ord644
ord537
ord573
ord685
ord100
ord616
ord619
ord581

Sections

.text
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ