1c70b6f49e895ce9ec13945e11fc7c87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c70b6f49e895ce9ec13945e11fc7c87_JaffaCakes118
Size

208KB
MD5

1c70b6f49e895ce9ec13945e11fc7c87
SHA1

4249b16157a1d379a626cbad841b3807e46e8d5d
SHA256

5a4980a8a368906f0e8f8a276834b626f093882117e7a8a9038d2be41c6c8b25
SHA512

72249c4e6c683e1da7ed44bc6a0413a0cc4becfb67e6ffca598e9eab658d61ac2ac60529891b414c7d4ab4e0fa39fa4dbfc80155c054d890cee7ddbd69513b51
SSDEEP

6144:KXEAf69UBb+xdtUQEhp6CG+Kt4AfXmdLdUCMxR:05fUC+6dh8+2vmRdUC6R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c70b6f49e895ce9ec13945e11fc7c87_JaffaCakes118

Files

1c70b6f49e895ce9ec13945e11fc7c87_JaffaCakes118
.dll windows:4 windows x86 arch:x86

52f9d47342bf693c8a63de436f2a57db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

CreateRectRgn

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE