b47419995236d83c9009be24be2776c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b47419995236d83c9009be24be2776c6_JaffaCakes118
Size

14KB
MD5

b47419995236d83c9009be24be2776c6
SHA1

c55e2525aaea08d3256a14dbaecb07f076b180e4
SHA256

bf56306a246c759819b6c3dfd1b14f2e4639bb190d12e7da6679ae8d8af01710
SHA512

df649138ab64a89b9c36ad38bce0caa6d07af56cc9e03fe27e8a3a86a4e721bae57c86c257973a1c9936551a6ca38e10cdc73841c2f49887f44ad7425ddb6f7f
SSDEEP

192:x8UqegsnjtLFJtEpWjGe9EaGLRLanmhsLz9PZsJDMqqe:8QtLFJVORLRLamhsLz9PZcD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b47419995236d83c9009be24be2776c6_JaffaCakes118

Files

b47419995236d83c9009be24be2776c6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\odeonent-new\root\0a179002\45bde7e\App_Web_productdetails.aspx.fdf7a39c.hai0z9vq.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ