ef25f76adb50bcb6b2f8fb41b6f8a7fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef25f76adb50bcb6b2f8fb41b6f8a7fc_JaffaCakes118
Size

233KB
MD5

ef25f76adb50bcb6b2f8fb41b6f8a7fc
SHA1

2b21deafc56c9b59fa28731ced8509756cc7ccf5
SHA256

b2d91081d3740402ae3bf225ac8b0d428ae7839dd8d8d1364d362fa186d9731b
SHA512

c36e5371a23d4e01d150990ed95a418e27efe9d7e61756b50f9d62c843d0b6a06c01d8a96d567098e9bd97f6a67944353681c3df0445beee0faa9ebcf305aaf8
SSDEEP

6144:4ZIj2pGG5FLkUZAgMApKvhraYkfGhoBA6h7s5q9/L6fsP:4Z7pv5FoUZAg5qxd2GmBAwtD6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Wolfteam WallHack+X-Ray_inddir/Dowit WT Hax Loader.exe

Files

ef25f76adb50bcb6b2f8fb41b6f8a7fc_JaffaCakes118
.rar
Wolfteam WallHack+X-Ray_inddir/Dowit WT Hax Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\Arthur NE PAS TOUCHER TRES IMPORTANT\Mon Precieu.. a moi\D3MON Premium Loader\D3MON Trainer v2++ By Dowit\obj\x86\Release\Dowit WT Hax Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 531KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Wolfteam WallHack+X-Ray_inddir/Dowit WT Hax Loader.exe.config
.xml
Wolfteam WallHack+X-Ray_inddir/Dowit WT Hax Loader.pdb
Wolfteam WallHack+X-Ray_inddir/oku.txt