070595a9bb2e770a5eb2bc735b8a495f_JaffaCakes118 | Triage

Sharing

General

Target

070595a9bb2e770a5eb2bc735b8a495f_JaffaCakes118
Size

40KB
MD5

070595a9bb2e770a5eb2bc735b8a495f
SHA1

d77fe84a63882699b1d5016810ca5d2381131102
SHA256

6bde23a6968c44fc5c8af001429f982df94a7d2f1f09d4c72b3856317d05486b
SHA512

75caeef6527eab3e56cd781652089026272de63a7d50a6ea667f8e057a42a4586aac6bf75d2622d2d366f64fcc3b928fa40017025eb6e90d1a93d73b64518d7d
SSDEEP

768:uFNLNIdMqjIcPsgsVqUvwIadmmMLMtz5juTD:wNLN0MtVwIcmdAtE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
070595a9bb2e770a5eb2bc735b8a495f_JaffaCakes118

Files

070595a9bb2e770a5eb2bc735b8a495f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\__Dev__\TraceProUtilitiesDev\TRACEPROUTILITY\clsCandelaOptimization\obj\Release\clsCandelaOptimization_IO.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ