5cc1bf0fde5834aa4e6ebd2bb86c45c3_JaffaCakes118 | Triage

Sharing

General

Target

5cc1bf0fde5834aa4e6ebd2bb86c45c3_JaffaCakes118
Size

6KB
MD5

5cc1bf0fde5834aa4e6ebd2bb86c45c3
SHA1

d24a57388507afa1d440287d32ead288f3b70207
SHA256

438127ae4c29bbe63720d594e4c177f6d81f589a8e11b74c99fac5ea8e27a721
SHA512

e2785ca6081fc55e62688491c9c0ee92a9ac4883eb51e3ff3cf63bfc2a06be1fcaad4cf793d649d69d8cca393e325b5688fcbccbfbbe7d09ed4c4e941d91cc2b
SSDEEP

96:I2f6AeSlLbTsCM7OrzIl0n+oGtIZoeNyiCEEx/KJ:17bAjO/W0+f47NSfx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cc1bf0fde5834aa4e6ebd2bb86c45c3_JaffaCakes118

Files

5cc1bf0fde5834aa4e6ebd2bb86c45c3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ab02e3f0e02fb5fd4e4cf238e6cc562

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\knox-457\max-externs\ext_win_release\iter.pdb

Imports

maxapi

finder_addclass
addbang
outlet_float
gensym
outlet_new
newobject
outlet_int
setup
outlet_anything
addfloat
sprintf
addint
addmess

kernel32

DisableThreadLibraryCalls

msvcr71

__CppXcptFilter
__dllonexit
malloc
_initterm
free
_adjust_fdiv
_except_handler3
_onexit

Exports

Exports

main

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ