3b29d0cef6d23779dd08c6e92776d368_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b29d0cef6d23779dd08c6e92776d368_JaffaCakes118
Size

9KB
MD5

3b29d0cef6d23779dd08c6e92776d368
SHA1

7d4291c76f8face2417f4d1bfcf36be13bc94f93
SHA256

743df5366b9a51812fbceaf3c522181e53c39cf9c4931b36e74a553f42127b01
SHA512

259c9903b32b4aaca919b4bae9902559b0b3591ef82d04b1dcf9d7aaf18907d631ec16c053a8fbe5f46f7142ce8236b9b56c2c863b6e9fc0b99f7c6181f396dd
SSDEEP

96:sBbJeZYTeApRltA/QsztqcigTEbR9boriAgJSh5imMZSM3s79hj3h:A1ekEQQdDTi9tzJSCm7pV3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b29d0cef6d23779dd08c6e92776d368_JaffaCakes118

Files

3b29d0cef6d23779dd08c6e92776d368_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Exports

Exports

FileRipper
Gadgets
InitGadgets

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ