fe198ffb8c5de826f3531b3d8fb98f69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe198ffb8c5de826f3531b3d8fb98f69_JaffaCakes118
Size

102KB
MD5

fe198ffb8c5de826f3531b3d8fb98f69
SHA1

535b493bd1013e3ed09536f6ae5d417fa9a3d064
SHA256

775884503ae448db1a6721a240cdc0eeae31f5b4c99b5181f4d827cc7ee9045e
SHA512

6288b8321416cc9bcfcd813ea5501790306f10e06aeee7cb04b4bc49050f27e419d335cb3c88da3b036c81f1465c7560b215b2504e703e9bc424a453423640e6
SSDEEP

1536:pKpXiBVRX1fizaAX1S+D2kC6PUJiRIoEnjC7kRK8IguUc1g+G+Lf+tHjLTccb4AU:W0Ayu1g+G+Lf+tDLTDb1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe198ffb8c5de826f3531b3d8fb98f69_JaffaCakes118

Files

fe198ffb8c5de826f3531b3d8fb98f69_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\ivan.watt\AppData\Local\Temp\Temporary ASP.NET Files\root\26a72e93\888faafe\App_Web_lextsxir.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ