408f1f661140bd0d2de0cedaf676dbde_JaffaCakes118 | Triage

Sharing

General

Target

408f1f661140bd0d2de0cedaf676dbde_JaffaCakes118
Size

92KB
MD5

408f1f661140bd0d2de0cedaf676dbde
SHA1

e87dd6a87df703842046ccd4b18f03f7c7986400
SHA256

9fa09723995ba844aa76d724c051dec357b85be157a34402ede6085f16141a51
SHA512

3f32912f6f23db50332deb03b6dea373547681aeb17db6ab03255a2c7270f7d025ad1779c89808cee3b60ce99b86fb0a34bf1b9c8970f66d3ef510015c776509
SSDEEP

384:4gZaoUtSBe0GIn+7azJeCSw888888888888888888889PZ5GgcHY4wy/874Gm0RD:4UpBe++2zHSi+jD3AR2Cybz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
408f1f661140bd0d2de0cedaf676dbde_JaffaCakes118

Files

408f1f661140bd0d2de0cedaf676dbde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec0d65f21e1cecaca83cfe02d6b84318

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord628
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord644
ord100

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ