956abc9aeb6c91ef190ddee728bdaa6d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

956abc9aeb6c91ef190ddee728bdaa6d_JaffaCakes118
Size

134KB
MD5

956abc9aeb6c91ef190ddee728bdaa6d
SHA1

ed0ccd1a5d74d3dfc189768cbd862288e5a0aa32
SHA256

0a7765976f15b590c370dee94e375a917271ba55a68195cfc957a7a7ff9cbe01
SHA512

ddc5d72f63c1e28c7cd8faf0f7a0147f0ae605b20c9617bb980e0da672a86464fc6a4ab4e289477fe7dcc34f579ece963219015f24e94f8e57bbbade4f350016
SSDEEP

3072:7Lr4Syl600H6epJI26fSBStvYzv47MSGKpxJ91Z:8SyOx6fSBStvYzv47MSGKh91

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
956abc9aeb6c91ef190ddee728bdaa6d_JaffaCakes118

Files

956abc9aeb6c91ef190ddee728bdaa6d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\subversion\manager\trunk\library\LiteClassLib\obj\Release\LiteClassLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ