82487736e4d18925a50444ea0f1f0ac2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82487736e4d18925a50444ea0f1f0ac2_JaffaCakes118
Size

60KB
MD5

82487736e4d18925a50444ea0f1f0ac2
SHA1

9a79e4478d1a782a1299b53f9f9b51866a26951f
SHA256

a2492d109c7482ee94aeaa8da07469d788c5091948b1d5b2655e00f202e2f2b9
SHA512

3258e37c832629135a983b011353ec8cd0e1b4a1102cb4be1d9512bcc46f7b09ff74c9b281b64c2b28bf03211e6f190684fe46530ffc99d0d2af5c0ba421837c
SSDEEP

384:hS5UJb+FjS5tmvNdzyU5jLRBVaN8hWzLzLxk+qhRyMwz8HhXDTTmmMi/1/wOQ2K:hS5gc25tmFttq2hWzLnxk+qDyMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82487736e4d18925a50444ea0f1f0ac2_JaffaCakes118

Files

82487736e4d18925a50444ea0f1f0ac2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\161c564c\770595d5\App_Web_vq1-nqva.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ