JaffaCakes118_6213e41a15ae74c8b5f502fdca12bebf | Triage

Sharing

General

Target

JaffaCakes118_6213e41a15ae74c8b5f502fdca12bebf
Size

740KB
MD5

6213e41a15ae74c8b5f502fdca12bebf
SHA1

afb0a9001eb83164d36d85b1df8ffbfaa5979c2b
SHA256

467133ae0674f7f6b6d5f2f4f788118b88aa1c09f3c966826b9ade5b4f2379fc
SHA512

17c5a27a27a71a95db39e1b626da3c898a298bdfce54b072926a1a556800493d3e316c36b3c0f9d27a065dff16ba078ffc89dcf379ce519b4d7fc9b30be61538
SSDEEP

12288:MXkXyENrDviHr24/zBKD19kyGWpeo8eLbbVRJgPg6396tGXpAbHLDwYQ9bkU4Nu:QUxrDva7BKDLkyGWpueLOuRrLK9leu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6213e41a15ae74c8b5f502fdca12bebf

Files

JaffaCakes118_6213e41a15ae74c8b5f502fdca12bebf
.exe windows:4 windows x86 arch:x86

942eef7208206b2e589c12424f465ccc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord518
ord626
ord519
ord558
ord666
ord595
ord598
ord599
ord631
ord528
DllFunctionCall
ord563
ord600
ord601
__vbaExceptHandler
ord711
ord607
ord608
ord717
ProcCallEngine
ord536
ord644
ord537
ord648
ord572
ord100
ord616
ord617
ord580
ord581

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 696KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ