8d0ab3ae074b45c43b6062fff3189056_JaffaCakes118 | Triage

Sharing

General

Target

8d0ab3ae074b45c43b6062fff3189056_JaffaCakes118
Size

48KB
MD5

8d0ab3ae074b45c43b6062fff3189056
SHA1

5b4d39a42b9d03c49cf5dd266af2042f6166bc63
SHA256

03aa2fde5e081138fefe7e15ee84563dc41e2e10746582ab27ad56e8b4b813ff
SHA512

8835de78e0266eab9ee7b7f335416228f5164b4915d91007df161e7639259956bc59c6838e2a81e0f518f4c6ab99b99fb7e5ed53c476f7501959379ecbf0d538
SSDEEP

384:qywZDhGZHvVF5TFhTomPS8DG9E11CsgsX7rKHE5WZwYNdy2ZmkKuKaHz/c:qywbGpr5TToma8T1hlXr6dVmkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d0ab3ae074b45c43b6062fff3189056_JaffaCakes118

Files

8d0ab3ae074b45c43b6062fff3189056_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bb22308969f419caa1ffbd19f0622559

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord109
ord404
ord408
ord578
ord314
ord832
ord398
ord934
ord50
ord914
ord949
ord943
ord247
ord815
ord429
ord337
ord374
ord266
ord475
ord183
ord840
ord316
ord319
ord848
ord845
ord846
ord788
ord847
ord361
ord784
ord431
ord351
ord241
ord128
ord372
ord239
ord240
ord896
ord334
ord336
ord476
ord519
ord517
ord879
ord521
ord909
ord613
ord432
ord435
ord534
ord151
ord577
ord525
ord515
ord254
ord395
ord876
ord709
ord564
ord565
ord538
ord542

user32

ord276
ord567
ord457
ord350
ord159
ord199
ord572
ord60
ord596
ord420

comdlg32

ord112

Exports

Exports

GetHeroAudio

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ