fa831d24e966a8dad215fc99d59b02c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa831d24e966a8dad215fc99d59b02c2_JaffaCakes118
Size

144KB
MD5

fa831d24e966a8dad215fc99d59b02c2
SHA1

f6d7b65451908c3afa679a5688391fdc1db4fbd5
SHA256

ddbcf41f6605cf35655cfce9e08c9632f40726c124a3e1c80eb7e611552aeac9
SHA512

e3f70732967fe1701134c119b8321d1a701814463e403621bf72752a8a3c45dd34786122270845862a2a05757e7b06c893a114993358f8f7b3cda46252f905d5
SSDEEP

3072:JibTTp78Cc+XBaY0Iw+dxCbT2HywffPQ8evCt49:6T14EXUbIR6T2lnQ8nI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa831d24e966a8dad215fc99d59b02c2_JaffaCakes118

Files

fa831d24e966a8dad215fc99d59b02c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

89710c7d4d8bf03322e48fa40e2124ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_adjust_fdiv
_ftol
free
malloc

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
SetErrorMode
LoadLibraryA
GetProcAddress

Exports

Exports

JgaCreateAudioDecode
JgaDecodeAudio
JgaDestroyAudioDecode
JgaQueryAudioDecode

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE