Static task
static1
Behavioral task
behavioral1
Sample: d5d1d52ae2c5479eb5dded21656ed24b_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d5d1d52ae2c5479eb5dded21656ed24b_JaffaCakes118
Size: 117KB
MD5: d5d1d52ae2c5479eb5dded21656ed24b
SHA1: 87201fc20230954670141ce7853c1e6c9bb92003
SHA256: bdc2b55659b8b89d1bb54d80b64d85527fb67382a4b8fc58852bb3513605822c
SHA512: f85b4c35853a1d8753f0e6805886229c00815779c8b082e1ab3496dcadf9c7759a6450c3d0f1548f14acc78e339b78a5ea570e9cdbefb4f8d226718d312d797a
SSDEEP: 1536:HReaCi4LtqlqHrwr2zST+J5Zme8pDYJ0TFsII2jENH6K0SrXkEKcrXk:HReaCi4JMr4ST+odJDsIIKo6K0Sm0k
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d5d1d52ae2c5479eb5dded21656ed24b_JaffaCakes118
Files
d5d1d52ae2c5479eb5dded21656ed24b_JaffaCakes118.exe windows:4 windows x86 arch:x86
76f77c52eb88ee980a1c6c87b3f04bbb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord588
MethCallEngine
EVENT_SINK_Invoke
ord517
Zombie_GetTypeInfo
ord591
ord595
ord598
ord599
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord717
ord319
ProcCallEngine
ord644
ord648
ord570
ord572
ord681
ord685
ord100
ord320
ord321
ord614
ord616
ord581
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ