611484e03c1ab67d378e421dbf0a73f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

611484e03c1ab67d378e421dbf0a73f9_JaffaCakes118
Size

9KB
MD5

611484e03c1ab67d378e421dbf0a73f9
SHA1

4bb8d71a90440849a8cf8e8bb52f83a37a6ed364
SHA256

bf2774fb6833b70a92a12dcb5b24436abff41bdd3f695279cfbad5bd5ec24703
SHA512

591d64367f5750b2ae586a44c32c51eed4a6558d84459511f365dd5c4f2dc78c4fa9498d857ba0efbf22748a6e11439a9b6f5165df4b3c7bb7b2eaa9ec54b4e0
SSDEEP

192:IZpJvnJGpSvPgtzYJrlhmLAmVruzc7ba7xs:kJvnJn3yYRmLTxba7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
611484e03c1ab67d378e421dbf0a73f9_JaffaCakes118

Files

611484e03c1ab67d378e421dbf0a73f9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Chet-Vista\AppData\Local\Temp\okfbz51q.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ