6067f360728d29d12ae891059f7cc0f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6067f360728d29d12ae891059f7cc0f9_JaffaCakes118
Size

48KB
MD5

6067f360728d29d12ae891059f7cc0f9
SHA1

8053c9f2cb71c271040c531b5fdc712f242724c8
SHA256

6db58b1932535ba410bc5ed282d9b0a5071a426d44eeb7d654ac71f97cf6f515
SHA512

54d65bc456dadaf06e953dc448094a7179808ba1a205d90134167e0df85d84a6e57210e78e54b51e4a40ea6fae131effae623e0b43e95c0311ab9b49014ef9ad
SSDEEP

768:HCE+6H5DTQei8jVxVXbi6aFZGpkKAGBO:i96H5DTQWjPQ6aK9ds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6067f360728d29d12ae891059f7cc0f9_JaffaCakes118

Files

6067f360728d29d12ae891059f7cc0f9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

885b79ab303f7266cb398b3c25fd1be9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord102
ord390
ord394
ord559
ord302
ord810
ord384
ord912
ord45
ord892
ord927
ord921
ord236
ord793
ord413
ord323
ord360
ord254
ord456
ord172
ord818
ord304
ord307
ord826
ord823
ord824
ord767
ord825
ord347
ord763
ord415
ord337
ord230
ord119
ord358
ord228
ord229
ord874
ord320
ord322
ord457
ord500
ord498
ord857
ord502
ord887
ord594
ord416
ord419
ord515
ord140
ord558
ord506
ord496
ord242
ord381
ord854
ord690
ord545
ord546
ord519
ord523

user32

ord276
ord567
ord457
ord350
ord159
ord199
ord572
ord60
ord596
ord420

comdlg32

ord112

Exports

Exports

GetHeroAudio

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ