08f535aa0f8c96afd5d7f7df3f5aa26e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08f535aa0f8c96afd5d7f7df3f5aa26e_JaffaCakes118
Size

114KB
MD5

08f535aa0f8c96afd5d7f7df3f5aa26e
SHA1

af2a4e817d65f247be5d270040a85ed1a422fec4
SHA256

c53ef198042d52515a25fc8b24e2251e5d88063a37d5ae69bd2a7323c7a7e783
SHA512

603db2c654ecbe22e513a124f01aad17361224d79cc5f9c84e40d6bc4c135a9067871b7e3d478d598e2d47030d26f7bc0c9d63f96b2a7856a937369ddc3491c8
SSDEEP

3072:0tOdMW/NeXjegyWerHjLcWvJ/AjirC2E0ItnjcGvoTVS:0YygDLnAjACj0ItnjcGQT0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f535aa0f8c96afd5d7f7df3f5aa26e_JaffaCakes118

Files

08f535aa0f8c96afd5d7f7df3f5aa26e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

hmmapi.pdb

Exports

Exports

AddService
BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail
BMAPISendMail
DllRegisterServer
DllUnregisterServer
MAPIAddress
MAPIDeleteMail
MAPIDetails
MAPIFindNext
MAPIFreeBuffer
MAPILogoff
MAPILogon
MAPIReadMail
MAPIResolveName
MAPISaveMail
MAPISendDocuments
MAPISendMail
MailToProtocolHandler
OpenInboxHandler
RemoveService

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE