e224a1708d4eee01a3f071696cb52e1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e224a1708d4eee01a3f071696cb52e1b_JaffaCakes118
Size

208KB
MD5

e224a1708d4eee01a3f071696cb52e1b
SHA1

5498ad21a91073bd6b018d0e6e38c5eb7bd6a9fa
SHA256

8e9c81d7aefeae4f41f865752bdf77008d2c6c96742ccb53de1601e92ee8cbc9
SHA512

c3e01feda04cba6aae0b4c132120f1de7f3d14d250bf94eca6c8a2919452f7a3650a774a149dba92fbbd21231168f03f00ce0c2447fe1e721d707fdb11e121b5
SSDEEP

6144:aeq0oIQ7oF5d7uZIJ8v9P4S0GLvBK78IR9C:a1IU8bueJa9P4SzDLIR9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e224a1708d4eee01a3f071696cb52e1b_JaffaCakes118

Files

e224a1708d4eee01a3f071696cb52e1b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e58cbe1987ce862de8a3ea3cc1782d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegQueryValueExA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
GetPlayerVersion
HxcDown
HxcUpdate
RunAD
Stop
playAdh

Sections

.text
Size: 197KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE