3151940ba9d1bf14c4632695c15f2830_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3151940ba9d1bf14c4632695c15f2830_JaffaCakes118
Size

42KB
MD5

3151940ba9d1bf14c4632695c15f2830
SHA1

6c863e3a2e7b6fa799f044a1096dea5fac4aa11c
SHA256

821640fac247f81b8bdf07b0835f109f33aff6e1df17b0ff8632412fbebcddc1
SHA512

3f9eab2e1ee3f02654283546a1289fe87521cf9a5efae9142f4f1b22faf8ade9337f8568bf41d7f876f0823e36e6b405eb0474c4ef0cc615fe6a45f0f8db740c
SSDEEP

768:l2EGtTEKsCE3/LGT/5Jh9xR8u7CJvK+6TS+n9yg:l2EkTEKsbcRf8v56Tdz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3151940ba9d1bf14c4632695c15f2830_JaffaCakes118

Files

3151940ba9d1bf14c4632695c15f2830_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\TFS\AuroraMain\R1\Aurora.Migrasync.API\Aurora.Migrasync.API\obj\Debug\Aurora.Migrasync.API.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ