f1f74bf97194eef9e8b49206f6d13d94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1f74bf97194eef9e8b49206f6d13d94_JaffaCakes118
Size

27KB
MD5

f1f74bf97194eef9e8b49206f6d13d94
SHA1

af657791ec3424383a5538fad8c928d94c25cf71
SHA256

4f258dbe5780e615fc6b73bb2b9ff1614db7259539f17b71fbede7c58f083c74
SHA512

4dbf84248d7c52051fd709e6bc7c16b1bd87358a6865ad15a57afc0c84cfef1b4096b350df811088d9c63f64bd8cd289f98ed2c2b4086dad9bd021d3e4739a32
SSDEEP

768:CMjeAn1SLfZwnJ17Gnx17SnN17Lk+anINU:bpYjZCwU7k/INU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1f74bf97194eef9e8b49206f6d13d94_JaffaCakes118

Files

f1f74bf97194eef9e8b49206f6d13d94_JaffaCakes118
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\a5a5c614\392b4651\App_Web_gixlj1cu.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ