6abc8ba296ecb30e7e156b5b16729b69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6abc8ba296ecb30e7e156b5b16729b69_JaffaCakes118
Size

36KB
MD5

6abc8ba296ecb30e7e156b5b16729b69
SHA1

87ee6164079632743a10e7b10dd5167c1676fc68
SHA256

bf144895b95120af5ff9bb5fc839da3136e792e5ffb71d8a36fa78532d073673
SHA512

5d0892409c3d2a37a0db6eae42bf984e7032a18e9f552c66cdbd3aa3fb787c7d131e1899d02700a72f68c8e67584bc936081c8a272092f0a322316f9c70601d5
SSDEEP

384:KdK6C1dIG/47wdFfa2XJYwSAo8QeJnFiwmVG:KdC12hsdzY+sQcwmVG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6abc8ba296ecb30e7e156b5b16729b69_JaffaCakes118

Files

6abc8ba296ecb30e7e156b5b16729b69_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\10320003\Local Settings\Temp\6d0c8-kz.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ