Static task
static1
Behavioral task
behavioral1
Sample
e86eb841e8a40d392511d1d427b49c1f_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
e86eb841e8a40d392511d1d427b49c1f_JaffaCakes118
Size
676KB
MD5
e86eb841e8a40d392511d1d427b49c1f
SHA1
910943b8dc5e75f5aa3b8b6e7b8122c95f630bad
SHA256
8ae3763dcce1edf61e249851fd0290dca59e24b1dca889ab0f455e376ee8f1a3
SHA512
6429e3a3ccc52ca7afbfd568ec7f85e838a668b27767b7732962cf8fe0b0d98abe545d7f71da28ee570fc738b669d42c58b7a8615033eae9562ff9c783c57937
SSDEEP
12288:1UGf2eBgn/J8hrZyjLDmIJ3CBRB+jVHBs9aixxfsI3RcMlm76mEAzbjMeBX7:1UeBj3IJuB+Ru9/LsI7+7oed
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e86eb841e8a40d392511d1d427b49c1f_JaffaCakes118
Files
e86eb841e8a40d392511d1d427b49c1f_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b87ec3f3739568238feaf0613f00d2a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord593
ord594
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord716
ord717
ProcCallEngine
ord537
ord644
ord573
ord681
ord100
ord619
ord581
Sections
.text Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.snake Size: 644KB - Virtual size: 644KB