54db4ae5160771fe0cc01f6942120008_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54db4ae5160771fe0cc01f6942120008_JaffaCakes118
Size

57KB
MD5

54db4ae5160771fe0cc01f6942120008
SHA1

5e4b78a4914b0c810e4a35b48808c6626a53ac7c
SHA256

eb97b783ef379a8e2dca4daa07a3ab2446e0713b85186b4b51fc29b46912081c
SHA512

d99a13c6af368b93a5553c8cc91b04e8f2fc97149ffd954a04fdec57a391dae812f9d91104731af5b42901a7d4d150c2c77bd94e198efd50fb392e4f2af2df5e
SSDEEP

1536:UfJ/9PGoxtqu+jrGGH4/H2kwBdJyPxhfrtZHtgj5M:Uf59+oDqnjT2HuXyPxRfmM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Trojan-GameThief.Win32.OnLineGames.sali

Files

54db4ae5160771fe0cc01f6942120008_JaffaCakes118
.zip
Trojan-GameThief.Win32.OnLineGames.sali
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 58KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE