bfcbd9fad0c5ebc55c011c5b314732e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfcbd9fad0c5ebc55c011c5b314732e4_JaffaCakes118
Size

32KB
MD5

bfcbd9fad0c5ebc55c011c5b314732e4
SHA1

fc8c748a94f935647c09c7776c27d5fba6abec3d
SHA256

d2f79d117f82a9ca1d7c20a9c106f5d3fb46590f609e9420802e9ac97ff270ea
SHA512

856df77cd94555dacb5088e08c0fc8071461b4b861f10125ed42ac4305a9f685d5fc640e9f63bad7cb7d9651c503b05ca41a4ac5139a2072022bd030c94dd90d
SSDEEP

192:/HRxvWFChy0a4fAvwtrUkgYGXK9NiDmjRvyJDntXIQqejVovVdH/+zSg09mLVAMC:fXOF21PJriDmjFyJJYQqejIH/KN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfcbd9fad0c5ebc55c011c5b314732e4_JaffaCakes118

Files

bfcbd9fad0c5ebc55c011c5b314732e4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\TFS VI 16 Jun 2010\SourceCode\VisualInspection\Framework\obj\Debug\Framework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ