0d44c4a221ce6362ea5d9ff0ae17e275_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d44c4a221ce6362ea5d9ff0ae17e275_JaffaCakes118
Size

11KB
MD5

0d44c4a221ce6362ea5d9ff0ae17e275
SHA1

2d29fb6724133bcfe42091e05ddb29557a071b5c
SHA256

b6bd4e33c3a189c879426715135f7535dd559ebb6e7061317657dbacd866cedf
SHA512

f974aebf38c7b746c4f673ca877c8d14de0d949f139c4c38108784840e463b79bccf60e84705b478b1f5822d52e570c7c7236554bc4912aa4743e84afb33e776
SSDEEP

192:/a/df2Djkp7e8J+aYm2A3dsgNbbbA18QNAmZrE715kzWLSb:Sf2Djkp7b+9qPAKCrekzWLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d44c4a221ce6362ea5d9ff0ae17e275_JaffaCakes118

Files

0d44c4a221ce6362ea5d9ff0ae17e275_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\10320003\Local Settings\Temp\1yvnfuk5.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ