e283023e891e0977c9027da10fdc54ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e283023e891e0977c9027da10fdc54ae_JaffaCakes118
Size

208KB
MD5

e283023e891e0977c9027da10fdc54ae
SHA1

b44c372dfa6957dc39d4a1387297ca2bf2064a00
SHA256

8db02d82447bd500820b1ea454dc77cfc0247c081037147da8f2d0c17543f125
SHA512

3bdefba27588570c5242d6fadb2e6dfb95b01752f75cb94620b304f61e455fae31b562f98ecaf9b9cece4754e8b69e5df3a03dbe95d2247612868f23cc37dc65
SSDEEP

3072:69ZqOCsWevQmMKEwt9YGG9IrRRCZFeIB6se3YdezmLe/sbJ0NdL/vO/JXFAE:6fq7spFkF9SyeIBXeY6mLe/L2lH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e283023e891e0977c9027da10fdc54ae_JaffaCakes118

Files

e283023e891e0977c9027da10fdc54ae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0309e8c661095ce3957432573b68f898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemRealloc

wininet

InternetOpenA

urlmon

URLDownloadToFileA

user32

GetForegroundWindow

gdi32

GetPixel

advapi32

RegOpenKeyA

oleaut32

SysAllocString

Exports

Exports

Always
CallByControl
FKingSoft
GetPlayerVersion
Stop
playAds

Sections

.text
Size: 198KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE