04020cef3330a0bd728a69245057378e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04020cef3330a0bd728a69245057378e_JaffaCakes118
Size

300KB
MD5

04020cef3330a0bd728a69245057378e
SHA1

ed20bd2197827f445a1130c9883d4e569c1e7338
SHA256

449db146b39ab78f1d45742bc055c66b7ddc276c353b84763f3b00daef28ae2d
SHA512

034b1d088193602a88baede5784c948b45289d119a8b3d14338d47676100eaa2f43994be64a8be8f08dccc7e6c71f907086ff8c96953e57f3cdef34188a2af36
SSDEEP

6144:PqGf9qoZkfC+KgVKVy6MN8lAxbWxYK7d0Yh00x:PqGf9qYkfC+KgVKVy6MN8lAxbW2K7d08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04020cef3330a0bd728a69245057378e_JaffaCakes118

Files

04020cef3330a0bd728a69245057378e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e443fda1986086959cc940c27931f41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord697
MethCallEngine
ord628
ord661
ord662
ord591
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ProcCallEngine
ord100
ord546

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ