cde7ce41f372334dc122304117b4ebe7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cde7ce41f372334dc122304117b4ebe7_JaffaCakes118
Size

28KB
MD5

cde7ce41f372334dc122304117b4ebe7
SHA1

15701e349382b4eda60bca1571d63eff8c4416ed
SHA256

49cff45e6d1dcc071559ebccbeb03ab8e5cc4ca6d4517bc92847e715dc7fc26c
SHA512

ed4252fa1f4137cd094800b698fd3d0edd541cecd4747cbb54dfb3295e14d3ee58a8b378e7cb8263a4b33e4a9750e09e31ba22756cdd19fdaff0bbadd4e698b3
SSDEEP

384:fGdXq55heqlBafyXvahmzr1GeR7/uk3c4zLvn0zrToM1FNKSk4aNFP:wqgqHQv1FASk4YP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cde7ce41f372334dc122304117b4ebe7_JaffaCakes118

Files

cde7ce41f372334dc122304117b4ebe7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\User\Local Settings\Temp\nkjbw-c8.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ