b1aaeb89bceb6fec8d2a7cef555356d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1aaeb89bceb6fec8d2a7cef555356d7_JaffaCakes118
Size

14KB
MD5

b1aaeb89bceb6fec8d2a7cef555356d7
SHA1

877f0db2fb50d9348a55f3be2b24a07ca5df0c49
SHA256

a9d766d7c50262720d12c21372fab56da5c097167096c1b070ced955d02a5c87
SHA512

8d8b79f665b02cbe2c0fdb2b2da0f8bf805ffccff79060577f9560734cdfb20d46629bb98e6627a757288eb4abd40916dea6788fb589ba88f3e9b3c73f15e440
SSDEEP

384:geCTy0Fxsm7s2BLHeXFlFByWC90H8bjuT18:geOy0zHg2BLHGF7Q90D1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1aaeb89bceb6fec8d2a7cef555356d7_JaffaCakes118

Files

b1aaeb89bceb6fec8d2a7cef555356d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

InstallHook
SetDIPSHook
StartSendMail
UninstallHook

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ