304ce3a9cb0d642c7ece4600091f6798_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

304ce3a9cb0d642c7ece4600091f6798_JaffaCakes118
Size

8KB
MD5

304ce3a9cb0d642c7ece4600091f6798
SHA1

4a14c98906ee476ff58f1ff7af0190ec0f11e852
SHA256

b10401a8752e05b33e91513edb2d304ca0e9b55556f99aa59770855679569e87
SHA512

0aa2ea89db6b803c5983ec660b96b7e26f7c0d30ee29e53a5a16307f680ce7a48a7b28d21bd7ef13f990ac4ac73ed263f5977f71b4ecb130336bf519cd338e45
SSDEEP

96:JFQrzTqbq0ut0rdTFglZs13aSL0y8mnpx1LMcYpMobqS:JFQrzTqbcGBv3aSLUUpxecyMu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
304ce3a9cb0d642c7ece4600091f6798_JaffaCakes118

Files

304ce3a9cb0d642c7ece4600091f6798_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Tony\AppData\Local\Temp\Temporary ASP.NET Files\homestaythai 20120424\8429aef3\7e27a97b\App_Web_2cdhupbo.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ