427d4d5d97597264788d85f49854564b_JaffaCakes118 | Triage

Sharing

General

Target

427d4d5d97597264788d85f49854564b_JaffaCakes118
Size

15KB
MD5

427d4d5d97597264788d85f49854564b
SHA1

97bf4770ef1c6d7fe28595042552a3c5d2c16e37
SHA256

79284e5c6817477ba4d2b52533aa3a30dcc3262701a88e0ff1b1865f7c62b13e
SHA512

2c56def0e08204b281b0bdf7b56e4c0bdc10b5e42d8f02d0e578bfe15b142cc90eb97fe75d1bdab4c8f48ba0c9aaa453d984b264f795b15c88cae191fc1dd65f
SSDEEP

192:gzaFAHL/rY1L11MuRNmJKnrFqyFRZvMnPyR49tMLd:KaFo7rY1L111RNHx6K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427d4d5d97597264788d85f49854564b_JaffaCakes118

Files

427d4d5d97597264788d85f49854564b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\9d4dfab9\eddefcfc\App_Web_dmmqni20.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ