41368b737bddfe86362bb33501d7d2ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41368b737bddfe86362bb33501d7d2ca_JaffaCakes118
Size

328KB
MD5

41368b737bddfe86362bb33501d7d2ca
SHA1

3ee04d28859ccb1347be6cba374c09b6a261c0ae
SHA256

1756b4dc9f2ea4fe2db58b35035ae277aec90afae4a81f6944ae3f2e877f6b3a
SHA512

5aad1482dba50f0eb880b1f698ef9d549d5857cce579f99e55bd3b3eb43d0ddc4bad999a0c893bc41abec2fefcddcb5c02af07d07489ddd8a5e137c998767ee0
SSDEEP

6144:RaTuwlHy/rrZ0KhoqTthYlcDEPp+aBHUuRJNT:sfE/rrZVhzhecY+aBtRJV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41368b737bddfe86362bb33501d7d2ca_JaffaCakes118

Files

41368b737bddfe86362bb33501d7d2ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b615268a0568f5f5ca09c8d458367e49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord518
ord666
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord717
ProcCallEngine
ord537
ord644
ord573
ord100
ord616
ord619

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ