GetHeroAudio
Static task
static1
Behavioral task
behavioral1
Sample
eb469eb81d4e3444a34c9c351cd02dae_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
eb469eb81d4e3444a34c9c351cd02dae_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
eb469eb81d4e3444a34c9c351cd02dae_JaffaCakes118
Size
44KB
MD5
eb469eb81d4e3444a34c9c351cd02dae
SHA1
12e2ca2b6401297ed5822bf8d3a338aade582965
SHA256
676628d296c5d5db851c20ad86f6b82b5e4c36469a82e89afb7c354d91da9050
SHA512
7eedf8ba9dc45724084cd17b28903ff49ef9c7c4238945757c649ff171c110427db367582edede165f5842760207309acfac2417d86b7ab9ff8ef503d4e2ef49
SSDEEP
384:jOZeMC8MjMT138cOT0h1mOrFlqnXfi37mb0sbV3jyIoaVYI7uQ1Iok7:geXwT138n0brlCXK3M1jkaVYI7fw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb469eb81d4e3444a34c9c351cd02dae_JaffaCakes118
Files
eb469eb81d4e3444a34c9c351cd02dae_JaffaCakes118.dll windows:4 windows x86 arch:x86
c377c7da3dd4518b242bd8ba474d8841
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
Exports
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ