3e1fdeb9d215181fc763be0f411fa61e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e1fdeb9d215181fc763be0f411fa61e_JaffaCakes118
Size

214KB
MD5

3e1fdeb9d215181fc763be0f411fa61e
SHA1

b8ca616516b761f3cc9a0209b91b9accb316e3b7
SHA256

36ce746ccc48c149569afd92142a39efe732b642e59019952c95f4d6ebee83e8
SHA512

1e21d233e95a72bc747bddee53ecf8d970acb040a1eea44975e12b41598ef172c602628b71acb23a057e8ce0405a6c1909a4767989b8e7015fdc7f3233a91f2b
SSDEEP

3072:LiTQ2DiHJoMi6CEnHw2zBJzcSZ3qrByHyhJjy54hFVRR7PQy2rx1iW+8g0wBAHT:oQMwi6CEHBnLqrcxE9Rrr2TgI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e1fdeb9d215181fc763be0f411fa61e_JaffaCakes118

Files

3e1fdeb9d215181fc763be0f411fa61e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE