a81509e2566f14c217dee05ede07e0c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a81509e2566f14c217dee05ede07e0c2_JaffaCakes118
Size

68KB
MD5

a81509e2566f14c217dee05ede07e0c2
SHA1

2d44258f8b5fe4972809148423ce8681be8d3b0e
SHA256

582f28b3767cf4f6b7303a7561361a1707f13f9899df9d965db0511eea22bd9f
SHA512

8f96bc0ca455bfec81a8afffda314f657f3f213cc6adec45b45eb164f6ed643006aab2a953c12a1691db2b464ce71d25fcccbd9a4d162fd5fd465b9dc71c7619
SSDEEP

1536:dxzSQeNBpdf6T9RasrsJEsi8GY1SAl2w6ElRXJ:dxWQeNBpdfK9oCsmsi8GY1SAl2w6ElRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a81509e2566f14c217dee05ede07e0c2_JaffaCakes118

Files

a81509e2566f14c217dee05ede07e0c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\IDE2\Dev\Next\DotNET\IDE\src\AddIns\BackendBindings\ClarionBinding\Common\Generator\Formula Editor\Project\obj\Release\FormulaEditor.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ