04727e7b17d70acae8b6b5e63d8a71bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04727e7b17d70acae8b6b5e63d8a71bc_JaffaCakes118
Size

240KB
MD5

04727e7b17d70acae8b6b5e63d8a71bc
SHA1

ce1500c56bd44267b6a12068d87e1cd1643ea245
SHA256

b9081caeab560688e162e9bc465f1e8b046e973e83e762c4416db0bd2b99e2dc
SHA512

49ead661bccb270f8a6d71e06667eee3359f98a4f9a1e666caeffe54067d41383de97a9857359587df511f1f0bf500c8f09163fd25b65de3f3aa86eb8cfb470e
SSDEEP

3072:SWlFUV29CcnYM3EXjsFXDrKn6QqZykBjb:13UFcnYM3sIFTrSSck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04727e7b17d70acae8b6b5e63d8a71bc_JaffaCakes118

Files

04727e7b17d70acae8b6b5e63d8a71bc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6a6c1e7d2a393443043a3815e81c12a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord398
ord913
ord64
ord72
ord404
ord831
ord814
ord247
ord578
ord109
ord519
ord933
ord942
ord939
ord374
ord945
ord948
ord709
ord266
ord475
ord408
ord521
ord515
ord151
ord577
ord361
ord50
ord676
ord534
ord908
ord183
ord839
ord316
ord525
ord527
ord319
ord847
ord844
ord845
ord788
ord846
ord784
ord431
ord351
ord429
ord128
ord239
ord240
ord895
ord334
ord336
ord337
ord476
ord372
ord517
ord878
ord663
ord775
ord538
ord542
ord875
ord552
ord802
ord231
ord80
ord819
ord549
ord546
ord613
ord254
ord395
ord432
ord435
ord564
ord565
ord766

user32

ord428
ord700
ord97
ord452
ord535
ord440
ord444
ord154
ord162
ord683
ord680
ord315
ord510
ord436
ord143
ord572
ord159
ord514
ord678
ord346
ord199
ord373
ord367
ord644
ord641
ord446
ord621
ord65
ord256
ord534
ord185
ord280
ord274
ord197
ord554
ord512
ord729
ord477
ord432
ord659
ord243
ord347
ord600
ord581
ord268

comdlg32

ord112
ord110

editscene

EditScene_ShowHide
EditScene_Init
EditScene_UpdateAll

editobect

EditObj_Init
EditObj_ShowHide
EditObj_UpdateAll

winmm

ord166

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

gdi32

ord222
ord144
ord406
ord46
ord527
ord535
ord573
ord422
ord141
ord19
ord362

advapi32

ord484
ord459
ord494

Exports

Exports

HeroMp3_GetVisModule

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a6c1e7d2a393443043a3815e81c12a8

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

editscene

editobect

winmm

ddraw

gdi32

advapi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 136KB - Virtual size: 196KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 136KB - Virtual size: 196KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 6KB