0db9e301d73779069d6e6d05875e1c7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0db9e301d73779069d6e6d05875e1c7b_JaffaCakes118
Size

141KB
MD5

0db9e301d73779069d6e6d05875e1c7b
SHA1

71834debbcab419dd8affd1d39dd38e2e1314a50
SHA256

f1ef3b451755139a2e3a25fcc62de71825ecc43af38bb9a53fa169e6c7773f0b
SHA512

c5bd0118454b7f063fca7b5d3cbdda28ddb28194c581ce78c26b1ad6f4e89089930978425b981bccd837e2d345a2e82b338211a4362210f7e45e735e7758b6fd
SSDEEP

1536:gBliYTLgKsG1Kp8UUrK9ngTA+Vynum1ta/hAoS:gHiELeGmjU+9nOTVynum1ta/hVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0db9e301d73779069d6e6d05875e1c7b_JaffaCakes118

Files

0db9e301d73779069d6e6d05875e1c7b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SetDIPSHook
startNow

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARD
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ