28d1e920e662406e39af775e11f21149_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28d1e920e662406e39af775e11f21149_JaffaCakes118
Size

39KB
MD5

28d1e920e662406e39af775e11f21149
SHA1

a5b07ce11ad9a728125c5132262ea0a673107b47
SHA256

d3f5baf3ca19e59411cb7b0cd602940d674f1a1c7e7d00ab1ad0e9bda3b41840
SHA512

a68b479bae649bc5614d1d8082123ec6c8819a2c85b8d0d89ad3c23a7627b53611049e9a12175feb28adcf447aab51066bf12d8c3b3ea9b8cab4a0fc16e36fb3
SSDEEP

768:uD8+/YcxeyspaiYtoCgse+2RT62dc6jM:uD7/Yqehp6gACG2dc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d1e920e662406e39af775e11f21149_JaffaCakes118

Files

28d1e920e662406e39af775e11f21149_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\소스관리\SWERPPLUS\Form7\SCM\QMQ410\obj\Debug\QMQ410.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ