96e1b7e54ae0ce539cfe6cc55dd45642_JaffaCakes118 | Triage

Sharing

General

Target

96e1b7e54ae0ce539cfe6cc55dd45642_JaffaCakes118
Size

1.1MB
MD5

96e1b7e54ae0ce539cfe6cc55dd45642
SHA1

b15a8dcc868aabdf32ff462cadc921cba4afb477
SHA256

082c5ed7f0134b9cc7c9f9d7d8420cf25a3b709a4ebf9797c9f8637d3f5cb767
SHA512

cf3c461c7d8906bbc079e06c132fb08acbbba80c62ec9b35fa0a4caa5945f55906eb3cf5e20a8b5ffce1460533a058d7e8bd50988584c514ff30451d45aaf903
SSDEEP

24576:HCzsJS/A1jPhEeYChuUUmLoNOaj/ND9ngpyVeTW7U+oLOzcRoqV+CZEl+Q/8nV:Hwbn79U+k9RR7ElX/8V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96e1b7e54ae0ce539cfe6cc55dd45642_JaffaCakes118

Files

96e1b7e54ae0ce539cfe6cc55dd45642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37a7e6b45711a4f582a0ac0c361c5628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord628
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord534
ProcCallEngine
ord644
ord573
ord100
ord618

Sections

.text
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ