de77fe67ab2e6e3c363131292394daf8_JaffaCakes118 | Triage

Sharing

General

Target

de77fe67ab2e6e3c363131292394daf8_JaffaCakes118
Size

204KB
MD5

de77fe67ab2e6e3c363131292394daf8
SHA1

526dc1f6a0998451f1b77e7deeb0043007028fc7
SHA256

0dee2c1c6e26dd90ee7cb1abc2ad7429b7e1e15a348bcf4d9cd87861b3aa1f77
SHA512

6b88ed152362a8f12ac2d10b8034cde425143e27c7b49558788fea7f4c1141e8c302a174055367d018883c4124ce85d6309b2b96d502dc4979bd41e5685fd340
SSDEEP

3072:Fy67tngDYxpSvA0uIYBNLCCdk/ZcO8wX8lTk3/yADyCGgZS6l8QHLvs:F4KIaCC2/Zvn2ka8GuS6WQHLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de77fe67ab2e6e3c363131292394daf8_JaffaCakes118

Files

de77fe67ab2e6e3c363131292394daf8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\portal\ae22163c\91560e01\App_Web_694yq5dc.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ