8302164281077ebbbc8df683fb51b904_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8302164281077ebbbc8df683fb51b904_JaffaCakes118
Size

32KB
MD5

8302164281077ebbbc8df683fb51b904
SHA1

618ba5c4685c366155a42c60ff2d5ca0ce6e4d29
SHA256

bf53019a05eb94e21d9935a1775b975b83cbd323a03dac5111e99bed1ce0a1e2
SHA512

b98a0dee9f53a2b92d3846838ae9dc225fd9e7bae7116dfd32396bdfc7d12a00bb869f4d2eb40bafc3fa668c0d524382e1f2278be90bf7ec5b1e9125a30a4335
SSDEEP

192:mbCl+yWSIhOUhlflwHczHKh7pndf+T9zFCq2mPINEkQZU/9v9YZwWp9zx+NX41wa:W5x2yw7/facckE3U/DDNX4G1eUibf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8302164281077ebbbc8df683fb51b904_JaffaCakes118

Files

8302164281077ebbbc8df683fb51b904_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\c2d72b53\755c7522\App_Web_posttemplate.ascx.812e5541.yf1zwmxz.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ