aa42f8c2fdd48dabec91470526673f65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa42f8c2fdd48dabec91470526673f65_JaffaCakes118
Size

148KB
MD5

aa42f8c2fdd48dabec91470526673f65
SHA1

5473d5ba5949b10ce14726baea589b3f9533ab51
SHA256

c8decc664a326c631de9ad0707d573e05c5d8e7cc7e68602e48aaf201b92e2ef
SHA512

f6df1c680fa8abcf016661ee89178b3fa8f0ae887e0a9048d9f389a2165c79079f210d5993aa1f80f11011257f9e24a50c64ae7a7c8e8a108016f4a9e508f0ce
SSDEEP

768:idjLAi5smse80o1pPzUhmuhrDd6xsuNUVja/sl4VxdzNf5C7WaYdFGPnXIYt0V:idnXVzOPrwm4rhvUUVjaS4V7zp5CVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa42f8c2fdd48dabec91470526673f65_JaffaCakes118

Files

aa42f8c2fdd48dabec91470526673f65_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\portla2008\13670d27\2421a326\App_Web_blm2guwb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ