306192772b02b1942e28ac64c8b6e0c1_JaffaCakes118 | Triage

Sharing

General

Target

306192772b02b1942e28ac64c8b6e0c1_JaffaCakes118
Size

56KB
MD5

306192772b02b1942e28ac64c8b6e0c1
SHA1

aca90a9e6561037e151a89a37938c8c2cf684c9f
SHA256

b63546da764bc705ac1ab4c7cccef2139353b8c0e4ef8ab083ecaa607306c6f8
SHA512

ddf3bd0d9e22e539831c41d1c906437545a24d108db2d7a25c0b047693386fd70a7de2169d8953381a34664d42e153fd63e86294ec881735dc0f41986e632bd4
SSDEEP

384:3lSXRaNJucZ9LkDuWiRc09eco9ucK9jcx9Ycm9VcL9jcL9lcF9y4tlApZ0Oy/kvo:JClApWOTD8YVk/eYPqCdKNuoZ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306192772b02b1942e28ac64c8b6e0c1_JaffaCakes118

Files

306192772b02b1942e28ac64c8b6e0c1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\FleetWiseVB\FleetWiseVB\Tool Tracker\Reports\FWToolKitList\obj\x86\Release\FWToolKitList.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ