3121640362a256a0ac089d9bae658ab8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3121640362a256a0ac089d9bae658ab8_JaffaCakes118
Size

28KB
MD5

3121640362a256a0ac089d9bae658ab8
SHA1

0a4bcbec9b4ada2b1ec831d9c70261e41ff57039
SHA256

bd7c9a0408e2dcaa79e3cd459a654bd7f084d3c963bf0ebde69b23eea1fa3a44
SHA512

cb279a01755c6768accc16fa16d1760a7b18680201f42e8cf837bfee9ac611ee39f04f14797f3ae89a44cbfcd76468ab5306ecf382ded44b8ae4d6efe2f1d909
SSDEEP

384:+7CSSdmqsNm0PdCq5AK0TOHy/0828yiFVo7:RYGh6N7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3121640362a256a0ac089d9bae658ab8_JaffaCakes118

Files

3121640362a256a0ac089d9bae658ab8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\User\AppData\Local\Temp\lptytt7g.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ