f423aa2a24822483b80880726b7cbf5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f423aa2a24822483b80880726b7cbf5c_JaffaCakes118
Size

299KB
MD5

f423aa2a24822483b80880726b7cbf5c
SHA1

25256f340a6ec6845b5d7c27db24cc5a9dcd2b1f
SHA256

69d10f12c0f8b4c035932717d965d141d3c81499bd7ba6761c46fb3493a87adf
SHA512

aa8dec611853316389574dc4a4af306c2d1395f3db334c7eec847a60a47b034eb31f650d067146f05cccaa708852c24448f6c3069f2fb8da16a7022d017af36b
SSDEEP

6144:poOKPlLpRk+sU61NM9z4G99LDAhPaY96WvqLd4Yxd0:2OKPFBsIN9F8YY9V0d4Ud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f423aa2a24822483b80880726b7cbf5c_JaffaCakes118

Files

f423aa2a24822483b80880726b7cbf5c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Michael\AppData\Local\Temp\x00yddhw.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ