16b701a0bcb966da4e938c7a28ae841e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16b701a0bcb966da4e938c7a28ae841e_JaffaCakes118
Size

28KB
MD5

16b701a0bcb966da4e938c7a28ae841e
SHA1

66154edceb3f5d92f2e8cbd0531f82fbf49bf684
SHA256

263a3b151bdcd7f95d65045498cbd57576fdb2c20cf59e56dac9b84f32f61d64
SHA512

93467d22265f1723effcaebf8a97fb2d9bf5444e17bc95e8157fe50c2452061fc80fb51cc95fc3ee7fa561eaf2927b1ec7f9242099c808ec0c7ffec00c58f5e8
SSDEEP

384:95Ym0EL/gFEZdz3qqqqqQP4We3GNXKhcqOv9://gFEZdz3qqqqqQAWDshcqOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b701a0bcb966da4e938c7a28ae841e_JaffaCakes118

Files

16b701a0bcb966da4e938c7a28ae841e_JaffaCakes118
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

t:\temp\Temporary ASP.NET Files\root\04edee33\25370c23\App_Web_wuci4glh.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ