2e967e122e445ce641aea417d5e146a9_JaffaCakes118 | Triage

Sharing

General

Target

2e967e122e445ce641aea417d5e146a9_JaffaCakes118
Size

32KB
MD5

2e967e122e445ce641aea417d5e146a9
SHA1

592003e132fb71a29d074b141ab89e8692839ba4
SHA256

73a56b844310492fa7c76ede3b29c5076b15d3d551f9b5bd67273600a5b4820b
SHA512

d65aeb48bd545494e1d8c94aad52df57f084d577c1ee27f91a029ef5e491bd327f5d5b294f8ae4f3f5f6030ad972092d1bccacaa3b40544c6dc6d5ec9b5adfb7
SSDEEP

768:qSQs597nprAqT+VhaHEpQpSjabkMJXXIV7BNtUrU8IlB7AP+Qj3iS:dQs597nprAqT+VhaHEpQpSjabkMJXYTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e967e122e445ce641aea417d5e146a9_JaffaCakes118

Files

2e967e122e445ce641aea417d5e146a9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\JoseRaul02\AppData\Local\Bossland GmbH\Honorbuddy\2.0.0.5845\CompiledHonorbuddyAssemblies\Talented_634688214348320312.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ