5b263f6aac98387cde0d11cc87994f9b_JaffaCakes118 | Triage

Sharing

General

Target

5b263f6aac98387cde0d11cc87994f9b_JaffaCakes118
Size

7KB
MD5

5b263f6aac98387cde0d11cc87994f9b
SHA1

b4f4d797c3041bafed0c52d4dfccf83b74bea360
SHA256

e0dd0ccdd41c5a839b11210cd7b79f2a199ec11b4d11da046039e6024f807179
SHA512

b4200cc2e2f84b91cc5750b077a496f8f13e4a975e7f70728453a79145158bc958485722b336d213019015fe5b73f2af075500b5497a7b7a26f23489c55ea6c9
SSDEEP

96:mlukDn2bT9Goi7gKitddZlAz+tnlhEPvvOYOhhnkEaRACtry:YukDn2b5kgKCHUzGnHEPOLhhk5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b263f6aac98387cde0d11cc87994f9b_JaffaCakes118

Files

5b263f6aac98387cde0d11cc87994f9b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\manage\4910f457\bf3bda2d\App_Web_mailingpreview.ascx.4fdad74c.e6mxha6-.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ