b33a71e4fe9640b623f9b68f72d56081_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b33a71e4fe9640b623f9b68f72d56081_JaffaCakes118
Size

208KB
MD5

b33a71e4fe9640b623f9b68f72d56081
SHA1

6f3b59e59f48692a217ebf334fffa2e47b8b87fd
SHA256

e9ce1dacd5432bd5fe1ca31fae401f3cbb6de99d3a5e6957058e0a624276f3f2
SHA512

49c90b01aa2f02ae9edc7e105d6f7f5fb6c13e92ac5acd0f9bf39217198885fc1eb0322b7c9339c6210698dc0080a670a0b6f96ae537b6c00d7537c230374375
SSDEEP

3072:7tpH0/tfq29U4e+a8zxSpeCIhNmHBeiqQrOPzKYSAiYCgF6strPjz8j+T6PKg383:7LUQ2+4XScXmHBx/AMA5rfe+T2zspv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b33a71e4fe9640b623f9b68f72d56081_JaffaCakes118

Files

b33a71e4fe9640b623f9b68f72d56081_JaffaCakes118
.dll windows:4 windows x86 arch:x86

52f9d47342bf693c8a63de436f2a57db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

CreateRectRgn

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 197KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE