54daf773d7aa5c16e52f11682c0fd862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54daf773d7aa5c16e52f11682c0fd862_JaffaCakes118
Size

10KB
MD5

54daf773d7aa5c16e52f11682c0fd862
SHA1

23362ad424fc52187c86435922023db6c82d9468
SHA256

70b2d671c18e56bec76308bd6f7ec33b9e32f5fbc6d3ced674a9495cc0b10110
SHA512

09de68d98e9f6e5005865dba3744c7dfb390dce8e847e87362773d8b320e388b9148426d07ea04fa874c5560db5bbdd0bba56d39014b559802cb905f9f4566a3
SSDEEP

192:zX3YGHf34r/zrNstik0AuQ2oqGAG7Of3YZ4o:3Ar/zMiZ9ZWrqOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54daf773d7aa5c16e52f11682c0fd862_JaffaCakes118

Files

54daf773d7aa5c16e52f11682c0fd862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51fe4dec9176e4a59ed20e0c9af508de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord667
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord607
ord608
ord717
ProcCallEngine
ord570
ord681
ord100

Sections

inan
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

inang
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Inan
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

innan
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE