710171aef4c5fc100a279ebf82893e94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

710171aef4c5fc100a279ebf82893e94_JaffaCakes118
Size

220KB
MD5

710171aef4c5fc100a279ebf82893e94
SHA1

4c64c442271106d8220056690115a48d129b4db0
SHA256

86741d82349744205df2a4d6d7f13f35bc75c7015400e8e7972b256de8a4e149
SHA512

1f4f20579cda83d130042926720fe600359f4b0ec06e8010795979b9c28b4a44ad6fe3bf08b276d53a2b48df5d6d8875031b21bc9f7ba7cc9ddedbb19426896d
SSDEEP

3072:0aBYkg4OXagaaCupvhYOADVB0iNUXJYMhN6H8R6l42uPHO0:0a2kSiaROB0WOh6H7l42uPHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
710171aef4c5fc100a279ebf82893e94_JaffaCakes118

Files

710171aef4c5fc100a279ebf82893e94_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\snapshots\cc.net\mars_rfld_release_production\CT_SW_Foundation\Framework\InputModelSolution\InputModel\obj\Release\InputModel.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ