31afc4a395fe4654032ed5f6b2da6317_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31afc4a395fe4654032ed5f6b2da6317_JaffaCakes118
Size

6KB
MD5

31afc4a395fe4654032ed5f6b2da6317
SHA1

b0a0e1408bbd741baf35ac3fafa98180a327f369
SHA256

051c65c1241322f923d5c46ba7d9bbb56bd9a39f7bd8341896d72839679f18d9
SHA512

5c45f2a12cc984f8045b5a3f06f25e7bd9b0deb09e606c48b22edbd1411a2fcccdacbd142bb5a002a7e315b3f9d379375663d028768fb2c87b7c2a39133ebc64
SSDEEP

96:spPPRYgdKG9XMDwAoLyaC8B7+N+eCklWi2xXRI3uZd:sjQwYcqkh3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31afc4a395fe4654032ed5f6b2da6317_JaffaCakes118

Files

31afc4a395fe4654032ed5f6b2da6317_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\768b2ce6\8c5a192b\App_LocalResources.client.cdcab7d2._m9xw0bu.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ