3b496db9bcc34bc6142d28f4e742e3ad_JaffaCakes118 | Triage

Sharing

General

Target

3b496db9bcc34bc6142d28f4e742e3ad_JaffaCakes118
Size

214KB
MD5

3b496db9bcc34bc6142d28f4e742e3ad
SHA1

65b9f8ccc5397bf8bd991fe5bf82d50b8af4316c
SHA256

ac3b4b905df71f64b8e7fef0a25cf7209e0e1e0ff5272d8452fa673201a30347
SHA512

a5294fd19bf4dbd2b73270ec45fea9e411daffcedf084c68d258558f55a3c8e3c936ccf2fb9c2c34a8e67b28aae9991b8033624679d36d849a88f52a56f2db6d
SSDEEP

6144:06bHaUwG1DZ0vqUkdf6A+wbanBEAdrTAfe7duzHFgAm:paU310vqBFoOaWGTAmtv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b496db9bcc34bc6142d28f4e742e3ad_JaffaCakes118

Files

3b496db9bcc34bc6142d28f4e742e3ad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
FKingSoft
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 197KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE