4a0e50af155e62785c5649e0c5046d65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a0e50af155e62785c5649e0c5046d65_JaffaCakes118
Size

286KB
MD5

4a0e50af155e62785c5649e0c5046d65
SHA1

ba2fca2313258b81656cb22ed1217d183759b50a
SHA256

c5dec6a5d44ad1d12e78298fa87219e308c4bf48fb2c0a4718d48277e30b4bd0
SHA512

32f25d15826559be5a196ae15c3f2c72b39b241ac860b49ae32d454bcf21f32d244441d0cd0bc943927f9e8216689e7f3d7b762fda2a7805f6a469a1f65e1d25
SSDEEP

6144:RBkIgng/z3PTncLzvopC7vbtmO03JWy/Ehe/DvEzVdgqqVOA+5HDOGo:vugPk7opC7JmO03JvME/DvWDOGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0e50af155e62785c5649e0c5046d65_JaffaCakes118

Files

4a0e50af155e62785c5649e0c5046d65_JaffaCakes118
.dll windows:4 windows x86 arch:x86

08ebf6bfd383fb28bfef18ecb0aae1d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemFree

wininet

InternetCrackUrlA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

RestoreDC

advapi32

RegNotifyChangeKeyValue

oleaut32

SysAllocString

Exports

Exports

Adh
Always
ConfigCast
GetPlayerVersion
HaahSBd
IJHEHd
PlayA
PrioritSetAd
PutAdSpecial
PutAdsware
SetAdrkOn
StandupYoured
UPAdInfo
adee
jlkjde
plkeAq

Sections

.text
Size: 162KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE