415d5cb2891b8f0205efa613cc52af63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

415d5cb2891b8f0205efa613cc52af63_JaffaCakes118
Size

213KB
MD5

415d5cb2891b8f0205efa613cc52af63
SHA1

dc4ae19fb5620745852e37616be4004a101a00de
SHA256

fb986e0e22df9fbb4f7b407f9fd16099f224d13ba4635145ee69aaae6f711381
SHA512

f6e5c0d93471c8cbf2f7fb2b5b3211688137707c6c5df105376392e89d60857cd34219a1f931b892d44eaa1efba46943e5fa6d1febbd70079176ed44d413b353
SSDEEP

6144:LDISFKE4nqm2Is7f15Q4pS7nI46mE8qtKRw:LDISkNSf15Q4pSE46mt1Rw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
415d5cb2891b8f0205efa613cc52af63_JaffaCakes118

Files

415d5cb2891b8f0205efa613cc52af63_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ee01afde051c4002433cf1ed77fd0a1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

WSACleanup

ole32

CoTaskMemFree

wininet

InternetCrackUrlA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

DeleteObject

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
Stop
playAd

Sections

.text
Size: 203KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE