49c3efe9b00c3959f8a73ca0ac95e215_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49c3efe9b00c3959f8a73ca0ac95e215_JaffaCakes118
Size

28KB
MD5

49c3efe9b00c3959f8a73ca0ac95e215
SHA1

f345892044934b9cf6167c6ab4437a9e2aa5c1c0
SHA256

70b62722e178c822bd5c5e9025db4c9b0958c5a20b9c2cdc169f488664bb27fa
SHA512

5d04c15314e449d952c3c29c75126e6547083f7adfa67d75fefef6f790d2eea8911a6e6db8f3c5b4a0dcd214865f7bf6027f06c0b5e42783769d91dfd2f825d0
SSDEEP

192:kJQmFg+Plwiy20HdEi5E2imUP/npVju6D9rMj0l7JkZvaoF489pUYnf1qeX63Odr:YPEtHPTibCkl7JYar4NPXrdmcA6F/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49c3efe9b00c3959f8a73ca0ac95e215_JaffaCakes118

Files

49c3efe9b00c3959f8a73ca0ac95e215_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\portal\1867251a\5b1d9c99\App_Web_fselector.ascx.da7c7f83.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ