d0be66595c974f8eaafd807b4741cdae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0be66595c974f8eaafd807b4741cdae_JaffaCakes118
Size

36KB
MD5

d0be66595c974f8eaafd807b4741cdae
SHA1

d0ef09c9d67b0bcb64efb10aaf336d17a6f76939
SHA256

61699bdaf332f90c243b58cf3ace05c49265cdfb172bb987b8cd121ac171b329
SHA512

024a7398b1d4323e7350060e0a2eb0aef86c3f007dcb1a7b0c33335368d547b61db049d6fef4dca6874be224265727d159f7193470ef7a9a84394825eef55b6e
SSDEEP

384:CsbHqkLpyMBfs0C/HeUigrBDuuqmeAPqYvJdORbmEC7Hvwt6:5qkjfgRigdi4yCJdwCEC7H4t6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0be66595c974f8eaafd807b4741cdae_JaffaCakes118

Files

d0be66595c974f8eaafd807b4741cdae_JaffaCakes118
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\88c205a6\755c7522\App_Web_jkmcty1y.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ