1a6ebbbc4b5001e7b54f3b53f9952c7d_JaffaCakes118 | Triage

Sharing

General

Target

1a6ebbbc4b5001e7b54f3b53f9952c7d_JaffaCakes118
Size

7KB
MD5

1a6ebbbc4b5001e7b54f3b53f9952c7d
SHA1

7dcd554f701677c89d80f4e420bb4587e6a3593c
SHA256

1fd7a47cd0d018af57d3a31af38118535ff61f599eb78999faa5e4c9ad956dee
SHA512

4a4f4ce1bb7da985272caca1599cf2b197469aec8701c97b877fef0dde8007b0cb121dd7cb04f6c549bb465b5dc19c5f216610399c4d5d62616eba2babff4f54
SSDEEP

96:oinUYvzNLthtPg3aDmu/PRksilVYFVyhEyDK9KTTKRNnQDS:oinv5xPKKRPn0hNn45t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a6ebbbc4b5001e7b54f3b53f9952c7d_JaffaCakes118

Files

1a6ebbbc4b5001e7b54f3b53f9952c7d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\manage\99798802\3f2612a1\App_Web_maeuuzzs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ