bea1af410cc97851deef0d8cb17f0256_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bea1af410cc97851deef0d8cb17f0256_JaffaCakes118
Size

208KB
MD5

bea1af410cc97851deef0d8cb17f0256
SHA1

f291b7b19534a0ce3ae109c3d6046bd55b3f2985
SHA256

7548ae415e5ee9f0375fa8be1685cca54aa9fcabd8e1c16fe2013a2d3a70e9ec
SHA512

0c8674477a3d926483085ee6b3bc7c989740ef713a62e213b9ba0d71b5bfff5ee4c2a61e357b25a1bd5837cb0b98096eea70a44f3b8ce2205feb584aac549b0e
SSDEEP

3072:sC/UkpH6+HuDtMzYNIsSR0FzZaG9lDuKKJRuAi2RMa2FilLKHcXOKHfwAys:ukU+eMMtQozZNC+272GWcXPfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bea1af410cc97851deef0d8cb17f0256_JaffaCakes118

Files

bea1af410cc97851deef0d8cb17f0256_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE