52e873d9ca983d2afb1c63ca011720f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52e873d9ca983d2afb1c63ca011720f9_JaffaCakes118
Size

138KB
MD5

52e873d9ca983d2afb1c63ca011720f9
SHA1

00bd75b8e8ce6b8b8ed0ac3baf71a1af9c06879f
SHA256

0229efdba81f7dc0d1ad052b5bd7a59f9fe9b2b5221d3b7927a8a27668b5bc68
SHA512

3203c8d0a9c7529b7d09203346bd0b401ad8225593c37eaad0409040f6c4cc4afa109af70f326c0bab0e8f79da16ded9c70d8d1222a822ae928874dad7d1f30e
SSDEEP

3072:gbViXuz8bMgqgx/o1Bs5iAyf25PhlQF93Zj:gbVvExzbhO3Zj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e873d9ca983d2afb1c63ca011720f9_JaffaCakes118

Files

52e873d9ca983d2afb1c63ca011720f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e11f7c20e81ac85ba962afe9a06f6d04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord666
ord595
ord525
ord526
DllFunctionCall
ord563
__vbaExceptHandler
ord711
ord608
ord717
ProcCallEngine
ord644
ord570
ord100
ord616
ord617

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ