ce34a7eb22ec3f7d3129607209205c86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce34a7eb22ec3f7d3129607209205c86_JaffaCakes118
Size

209KB
MD5

ce34a7eb22ec3f7d3129607209205c86
SHA1

ba0a832e1e63ed13558d2eb9584e4aa139acac94
SHA256

2abe722bc65cc91e18ab5fb4dc6c9e1c56cdd0fc74ddb91b3865ded799c122d5
SHA512

3b2b3eae8eff716e20f1140924480eed213355b9363a21ec498a86f0035e97472b3eeb887ef00e8cfb814991322120f8c709cd7175fc24d8eb3c124f35449afe
SSDEEP

3072:omV8fc0hY5X1KAt6AjJFpTV+f5ofZu67H5TLgoYOYS2K3CpflnbjUYdHuFqHAQ:Y3hYDD5J+xofIMH5IoY020gfR139

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce34a7eb22ec3f7d3129607209205c86_JaffaCakes118

Files

ce34a7eb22ec3f7d3129607209205c86_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
FKingSoft
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE