4456b93fa84ead0e6c5020d665120262_JaffaCakes118 | Triage

Sharing

General

Target

4456b93fa84ead0e6c5020d665120262_JaffaCakes118
Size

80KB
MD5

4456b93fa84ead0e6c5020d665120262
SHA1

3c30e119261d2ed1b57887bee9e2bb895f120500
SHA256

b7eb38f8a922a1344be7186fbf3169e0d130b91498dfae583b9b6d942b40cdd9
SHA512

3c2b66cfefd00a5a8cd55b13275bec599213bc9695c3d2b69c2ed9198fb205dd9d899243d1398bb0c58a49fbc0ef5d3461a4589db69d38d5dec233272b8807e3
SSDEEP

1536:Q5aO0FX8PbNNkd73OKOeAXmfp/tbM5jx:Q0X8znkd73O1X29Mv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

4456b93fa84ead0e6c5020d665120262_JaffaCakes118

Files

4456b93fa84ead0e6c5020d665120262_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aba5d8fe794fdebd8fa021d1b293165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord692
ord586
MethCallEngine
ord558
ord595
EVENT_SINK_AddRef
ord527
ord560
DllFunctionCall
ord676
ord678
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord530
ProcCallEngine
ord539
ord685
ord100
ord617
ord541

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ