41b4eaedfb8560e78d4b31ca8f816099_JaffaCakes118 | Triage

Sharing

General

Target

41b4eaedfb8560e78d4b31ca8f816099_JaffaCakes118
Size

47KB
MD5

41b4eaedfb8560e78d4b31ca8f816099
SHA1

a161a615e552ec100f46d64458208006735044b7
SHA256

c69ba8522e1bf103a6afee3a2ceec7af2279d7b105d14f09f832f0f7c51ab3f6
SHA512

4de2107e436dcd4c3fd97f5f599c514bd7e43aca883340d4d122378fb6279f17790349f64667c39e10c2b6054f4e7823049bee3dcc2367c3640a0079a9037daf
SSDEEP

384:8fqllvwbM5fj4GDp1XHL0mPFez6BepcnDh7xUzNEZajE/E0VBS6/PnuoOF:8fGl4bm74mLDYWB2WWN69NBvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b4eaedfb8560e78d4b31ca8f816099_JaffaCakes118

Files

41b4eaedfb8560e78d4b31ca8f816099_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcb4f8818e5391bbcdc928a3dd7b6ad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord593
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ