2c54e4ad4bb6f99b780fb3782ca5db5c_JaffaCakes118 | Triage

Sharing

General

Target

2c54e4ad4bb6f99b780fb3782ca5db5c_JaffaCakes118
Size

6KB
MD5

2c54e4ad4bb6f99b780fb3782ca5db5c
SHA1

a0d386ef18b53e85ce2eb1885c34d2b4af8bfc72
SHA256

db00bcadb87306139df1ae2230668310e3452e69e4ee62b4a82950393b1a761d
SHA512

393afc1143ceb0c99d0157bc734c0229b8d94429993282de9a77b7657cdb726aa9b6920c6e1096935e4dd76970c88366d60b9a26e9b77b5ccf46285703993622
SSDEEP

48:6gT2DBuylSQwSAwKfr1PeZeq3IwoypVMwUNcuJ0Sdg0LeWbfvvcSHVJRVIwy08V:D2SQCwO8Zj3QymfLLeUX0SHrRVIwy08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c54e4ad4bb6f99b780fb3782ca5db5c_JaffaCakes118

Files

2c54e4ad4bb6f99b780fb3782ca5db5c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\tmp\iistemp\root\6e180678\98b73bff\App_Web_home.aspx.cdcab7d2.w8wskbjx.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ