b3fa2004f0896031716efa2dac6102db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fa2004f0896031716efa2dac6102db_JaffaCakes118
Size

48KB
MD5

b3fa2004f0896031716efa2dac6102db
SHA1

ccd867169b69f8c0b38722251dedf72cfd470bb6
SHA256

7caa65b5a7470e9f8d8ae8b03f2a2c34bdcc35b82c28eaa1821f637b667f9210
SHA512

8df77908e161cc38a99d7d48e6934094ac3f1a8272406c2f7915e670786a12b89a695e5f4de4da3403864033c12ff3fb13bec410c1857adfcc4f342283bcd0ab
SSDEEP

384:sywZDhGZHvVF5TFhTomPS8DG9E11CsgsX7rKHE5WZwYNdy2ZnkKuGagz/cSlkrfu:sywbGpr5TToma8T1hlXr6dVnkKDkbu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3fa2004f0896031716efa2dac6102db_JaffaCakes118

Files

b3fa2004f0896031716efa2dac6102db_JaffaCakes118
.dll windows:4 windows x86 arch:x86

354a02526487a52a5519ee15a4c3f27b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord205
ord415
ord419
ord553
ord344
ord758
ord409
ord849
ord160
ord827
ord864
ord858
ord312
ord747
ord441
ord365
ord397
ord329
ord476
ord248
ord765
ord346
ord349
ord775
ord770
ord772
ord724
ord774
ord385
ord722
ord443
ord377
ord307
ord214
ord395
ord304
ord305
ord811
ord362
ord364
ord477
ord512
ord511
ord795
ord513
ord822
ord594
ord444
ord447
ord522
ord225
ord552
ord515
ord509
ord318
ord406
ord793
ord657
ord550
ord551
ord525
ord528

user32

ord256
ord508
ord425
ord321
ord147
ord185
ord513
ord57
ord536
ord396

comdlg32

ord112

Exports

Exports

GetHeroAudio

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ