370154abe3f0e2ac0e5e3b8d5ea07a0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

370154abe3f0e2ac0e5e3b8d5ea07a0b_JaffaCakes118
Size

84KB
MD5

370154abe3f0e2ac0e5e3b8d5ea07a0b
SHA1

116917d335bd99e98a7d58b0b583fc74adb061fc
SHA256

34990188507caf10f99c3510e48cfaeedc8d000aa1da088b0612cceab5fef5de
SHA512

7a2c5a0c69920cbddcbd4ee31d523775e49bfce3d22a7e91b430bcfa6bd9e336dfa70f540edfef27daea9caa056be61487eb35a3aeb268ba5e1a409a9870dd52
SSDEEP

768:++poHylcrufUd//UsOs15EU+ZHYefGj8LcF8l59gLq:zpoHylcrufUd/GbU+Z4SGA4Fm5mLq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370154abe3f0e2ac0e5e3b8d5ea07a0b_JaffaCakes118

Files

370154abe3f0e2ac0e5e3b8d5ea07a0b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

t:\temp\Temporary ASP.NET Files\root\04edee33\25370c23\App_Web_oycrn093.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ