a27e75887fcfe347fe8c1ad34574dbd5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a27e75887fcfe347fe8c1ad34574dbd5_JaffaCakes118
Size

52KB
MD5

a27e75887fcfe347fe8c1ad34574dbd5
SHA1

3015bad9939bd5c42398ba3095a38782726ee622
SHA256

4b823749b4de0c9c88f751d68e9a5053b425b3689e3a02eadb95976060f21d04
SHA512

307c7807e25a6bd46344d068ee8c370ac41c0f575ee3dd90583925a7e7b9c0c8fb41371ff9f8ab3f1deb238161d4068b0f28d2e42fff95a4d1d71186bb5ded0f
SSDEEP

768:pUSt+Q4ThOw/6IoOwteJI0jsiB9VBK1oRoDHzSSN4:pT74ThVXopegzDN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a27e75887fcfe347fe8c1ad34574dbd5_JaffaCakes118

Files

a27e75887fcfe347fe8c1ad34574dbd5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fa619ddfccece6c7829d81ef2e876c22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord76
ord109
ord128
ord892
ord770
ord577
ord151
ord50
ord890
ord517
ord704
ord815
ord515
ord519
ord841
ord521
ord336
ord337
ord334
ord266
ord475
ord408
ord374
ord183
ord840
ord316
ord319
ord848
ord845
ord846
ord788
ord847
ord361
ord534
ord784
ord431
ord351
ord429
ord372
ord239
ord240
ord896
ord254
ord476
ord879
ord909
ord538
ord542
ord876
ord525
ord709
ord432
ord247
ord395
ord578
ord613
ord435
ord564
ord565

user32

ord280
ord271
ord512
ord515

ole32

ord60
ord106

dsound

ord1

Exports

Exports

GetHeroAudio

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ