650eb8227582d55a6148dae23f3744c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

650eb8227582d55a6148dae23f3744c5_JaffaCakes118
Size

5KB
MD5

650eb8227582d55a6148dae23f3744c5
SHA1

a27660f4d2c056f38a208614eee3aa61d6e7ba5e
SHA256

73d90fbb5b8c77e47b3f6220dddf556ccdce80762d6118c16f5a5491b035d583
SHA512

270e4c80d6bc52566c2378f7265f90b4773600a66d433624880cb805e82034495ea48a12bcc5ef6743abf348010e4a74f440f52f9dea73004d92f74b069a038f
SSDEEP

96:XusxfQVl3wcLTxSbdVRQr2qa24C/PMUgIXZZXiKi7Xe79V:XuV3wWTcdUrxa2l/PM4XDXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
650eb8227582d55a6148dae23f3744c5_JaffaCakes118

Files

650eb8227582d55a6148dae23f3744c5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\snapshots\cc.net\mars_rfld_release_production\CT_SW_Foundation\Framework\HowDoIInterfaces\obj\Release\HowDoIInterfaces.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ