453c7be79b68e11e2464335f5a20471c_JaffaCakes118 | Triage

Sharing

General

Target

453c7be79b68e11e2464335f5a20471c_JaffaCakes118
Size

1.6MB
MD5

453c7be79b68e11e2464335f5a20471c
SHA1

deeb9045ce00fa14dea520ff1b66cc5142afbd19
SHA256

6db8eb9059af6db431e0a3db375b29877874759426e8170a117d57a1a8d58375
SHA512

7182c90bfb2dc073b401ce239d6ddbf6ebac043c0317f217e7ede979657dd741622b97d5220e6d1517d00ec90368e4d00b7272804b131ef3b25228fcd1158d08
SSDEEP

6144:W9I63H5TG5O2MPTbNJLVLYI5Q/+FN3+RViWZba4O6mEIjNK8FYB52KyaMF:W91x3LVLS/qN3+aWsF6ZIp0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
453c7be79b68e11e2464335f5a20471c_JaffaCakes118

Files

453c7be79b68e11e2464335f5a20471c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed5cdcc965493a05bcc0f6184ea7c7d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord666
ord595
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord717
ProcCallEngine
ord644
ord537
ord570
ord573
ord681
ord100
ord616
ord619
ord581

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.asdfghj
Size: 1.5MB - Virtual size: 4KB