c7f4b73aeaab51996e54c7ffec5f147d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7f4b73aeaab51996e54c7ffec5f147d_JaffaCakes118
Size

28KB
MD5

c7f4b73aeaab51996e54c7ffec5f147d
SHA1

83bb0273807d9c097f44af8bc6cd06af6f40e5b0
SHA256

453b362dd5b4843d272ea49d3a950aee5f2e56a32db1057eda6d39e5f679b02d
SHA512

f2b93d2eff5fe7d90b3970bb8e8f9cb1393ab203d38bca12c06c562418e51ca420fa2fee1ad3609586ac44e05c46b8a0b7fba24cdfd6ad48f3542258a85ff0da
SSDEEP

384:f9V1egI0IODl5UWpKPtehbja9dwwBuvZgo9v7:f9ugDI6lctqXT9v7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f4b73aeaab51996e54c7ffec5f147d_JaffaCakes118

Files

c7f4b73aeaab51996e54c7ffec5f147d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\cardioapp\44affd05\21255572\App_Web_pfyuertk.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ