a6c380141dae8f3724cc2ac06441e081_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a6c380141dae8f3724cc2ac06441e081_JaffaCakes118
Size

17KB
MD5

a6c380141dae8f3724cc2ac06441e081
SHA1

5827add73ae930f1f5561ec4bd2de73a54adcd3c
SHA256

900b10130bb8c12c22e9b29c76062152b1cd6195c4e7512e83514e653f546126
SHA512

74016c06d8d1be5f2802c1cf6f7abed817b0a7273c18829c1cadc027ce7970133913d638e46203eaa83bd0819e59359a8e5a8929d64c12e7d745a00c657eed8e
SSDEEP

384:IS3esdz9oC8pWbwHq8+xOqTOpGDUzq1q7P+PGc:ZZochOuOpn+Ir++

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6c380141dae8f3724cc2ac06441e081_JaffaCakes118

Files

a6c380141dae8f3724cc2ac06441e081_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f1bc3a0a50dd00f8f057580ec0e67b1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\ва\Desktop\InternalCheats Private\Hans Menu + Hack\Release\ttyh.pdb

Imports

kernel32

Sleep
ExitThread
DisableThreadLibraryCalls
GetModuleHandleA
CreateThread
VirtualProtect
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount

user32

MessageBeep
GetAsyncKeyState
SetRect

msvcr100

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
malloc
memset
_crt_debugger_hook
memcpy

d3dx9_41

D3DXCreateFontA

Sections

_TEXT
Size: 512B - Virtual size: 431B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1bc3a0a50dd00f8f057580ec0e67b1d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcr100

d3dx9_41

Sections

_TEXT Size: 512B - Virtual size: 431B

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 832B

_TEXT
Size: 512B - Virtual size: 431B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 832B