3407e8f0e93d25aa3a20ac8bba2a6610_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3407e8f0e93d25aa3a20ac8bba2a6610_JaffaCakes118
Size

11KB
MD5

3407e8f0e93d25aa3a20ac8bba2a6610
SHA1

0173d966aec9cb9f40dd3ee14215f3a274ed834f
SHA256

bd2c7b2ac1efea7799977b5bd3049f94442c114e8de58e04283f511bc5094d32
SHA512

7d90597699ae564136235def9024564326f1db10f8a48ab367e7b2c3f9fb8a55ccbda5ee9abfb00a935424bff207905729c01e7d7b0b37b2034f3f9b572ed53c
SSDEEP

192:Sa/df2Djkp7e8J+aYm2A3dsgNbbbA1SQNAmTrE715kzILS4:9f2Djkp7b+9qPA4CdekzILP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3407e8f0e93d25aa3a20ac8bba2a6610_JaffaCakes118

Files

3407e8f0e93d25aa3a20ac8bba2a6610_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\Administrator\Local Settings\Temp\vhky0all.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ