40f14ddc601b429875b3a93c87dbb782_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40f14ddc601b429875b3a93c87dbb782_JaffaCakes118
Size

2KB
MD5

40f14ddc601b429875b3a93c87dbb782
SHA1

283b1077713500ea15b962172e1398eddcb10e9f
SHA256

bf22507cd2f00b62d34cd2d84f03e9f08f488be9e2358304918c942a8a6a84d3
SHA512

617e3e1f49f106eb43ce035c8493c8700e27eda3276cc48e0f326627d07d2a59ca3f569d928524723b59d2dba1292b2d0168c31cffd018df777f07eb721e5d9e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Spu NimBuzz.exe

Files

40f14ddc601b429875b3a93c87dbb782_JaffaCakes118
.rar
Spu NimBuzz.exe
.exe windows:4 windows x86 arch:x86

74ae5cf95a7bf26668d53e20e22435b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord632
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord608
ord716
ord648
ord100
ord581

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ