2e1f5fb962861e30d86fc251ef3d765d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e1f5fb962861e30d86fc251ef3d765d_JaffaCakes118
Size

208KB
MD5

2e1f5fb962861e30d86fc251ef3d765d
SHA1

295a9dacbf5dcee765047b8cc9ee2a7092099d2c
SHA256

a0d40766eaed5fb4877b52e5981d83900635b23524a262f6b1f76e6814e5da1c
SHA512

6f684cf6e6a60a7d4658278ce6b767eb769f75eebf7f61300edfffc26657790d13e0c2605e5d23be42296b38dcde96fe9a87454cc13a9b1d9609a7fcbae5c39b
SSDEEP

3072:ngCuetZ1j2b4zV2JYky7kZIaCXRt0fMyL1DACTV1OX4BFyjid04r14Am:gveXh2C2JtZIacRi0qhTD7M4rC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e1f5fb962861e30d86fc251ef3d765d_JaffaCakes118

Files

2e1f5fb962861e30d86fc251ef3d765d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
Downing
GetPlayerVersion
KingS
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE