0e8b8e64296f1eeb759668ff6a27e804_JaffaCakes118 | Triage

Sharing

General

Target

0e8b8e64296f1eeb759668ff6a27e804_JaffaCakes118
Size

10KB
MD5

0e8b8e64296f1eeb759668ff6a27e804
SHA1

f4329743dec2aa23605fcde6086ef24d0bff22e6
SHA256

997065667a132dc691db5c117710977f8cb65a174d75d9d6a2ee00ae7f3817c3
SHA512

4fc8883d87d7d09b4275cdac402473b02dd2924fd467ba6a69b713245f2c68ac4a0673c1117bb3b75087c4939066560f7a67e3dc1d40948f9a9641dace3584c0
SSDEEP

96:tJ7y0Qfqnne0y+ZzRzf1LwO+nxkhhmF24dZx6d2M+ham4lz/aQBsGciGgsdaK0Ys:DQfqndy+ZZN4F2yAmgiUBKOHfT+P2t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e8b8e64296f1eeb759668ff6a27e804_JaffaCakes118

Files

0e8b8e64296f1eeb759668ff6a27e804_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\Chaowit\Local Settings\Temp\anbw_dih.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ