1c4619707a61ea0275a7ef5b6412775a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c4619707a61ea0275a7ef5b6412775a_JaffaCakes118
Size

47KB
MD5

1c4619707a61ea0275a7ef5b6412775a
SHA1

5fc27950f2755862838733e516ad4bf985041bab
SHA256

1a358da02146a86044cf2dc86dcbb22a1f310ea73a4736b0ffbcbb9d3fa12c41
SHA512

082e1868ef2b0f9a9f1ed3381db5ad89d8e2de55a0b5ae2b9058323f5c354939cfb981f4f256fcb7c20d391f567256a275dc668dedc946e137bb0c5f8a81e0c6
SSDEEP

384:G4QJsFciFzxVyuOBnyRerh5liccMKKlKIjfXAIn+gJ1U74A8zn1S7A1:G4NVyuOnyK5Qc3KNIjfX3+M1YQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c4619707a61ea0275a7ef5b6412775a_JaffaCakes118

Files

1c4619707a61ea0275a7ef5b6412775a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\6239fced\a360cf55\App_Web_xnvslmt4.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ