1bf01bc18cb92dbb88dfa745c2115b58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bf01bc18cb92dbb88dfa745c2115b58_JaffaCakes118
Size

24KB
MD5

1bf01bc18cb92dbb88dfa745c2115b58
SHA1

f69ed89ea5e557c646d19f1e176f6385d3563e3d
SHA256

399cc0052316404b4eb5f7e704f1deee7d02d5155dd753a3ba15b1e251aa3d79
SHA512

a2fda9269ef40650136ea1853562df624fa718661e16807ccb82291699bfb0f1564b35b69913f94313a88425cba8c486e558fe3faa42d60f4b250f952ddab557
SSDEEP

192:TdDS+5PFYPsT21HWsE++WnE3hgPWz6FSScDSmRAIzYR:Td++jY0T4HWsagExaWOFrGzGd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bf01bc18cb92dbb88dfa745c2115b58_JaffaCakes118

Files

1bf01bc18cb92dbb88dfa745c2115b58_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\manage\8986674a\a942e645\App_Web_audithistory.ascx.35f9f15c.axezhdy_.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ