2d0cef19c046d3e7d71fa429a2213998_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d0cef19c046d3e7d71fa429a2213998_JaffaCakes118
Size

184KB
MD5

2d0cef19c046d3e7d71fa429a2213998
SHA1

92dd0698e5de3252690cbf46df4edb59520f82b8
SHA256

a380cc91875ff283893c9cc87b8d00a0691b9f08f90726ab75398fb5dbbdb2ab
SHA512

4c810aa43fb89d75daddec9ff7eb78cf4c780cd208383c4975de3d84996d5aecae6bd461b0419ed8b5369de2f0d238f8829215c06db893bfdd00b78f38f045da
SSDEEP

3072:/RR2I82oPPvqiDSG1qxaasMKUb+0Je5RDYbLnUcH/P+924sBWQEwat/AJ+A390:KIr0Pv1AaasMKw+7nDYkcHHa24sBwZAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Sothink.Web.Video.Downloader.v1.1.build.71213_KEYGEN-FFF/Keygen.exe

Files

2d0cef19c046d3e7d71fa429a2213998_JaffaCakes118
.zip
Sothink.Web.Video.Downloader.v1.1.build.71213_KEYGEN-FFF/FFF.NFO
Sothink.Web.Video.Downloader.v1.1.build.71213_KEYGEN-FFF/FILE_ID.DIZ
Sothink.Web.Video.Downloader.v1.1.build.71213_KEYGEN-FFF/Keygen.exe
.exe windows:4 windows x86 arch:x86

0325fffcedf4b01f9ef8a68d3cb5d884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

TextOutA

winmm

waveOutGetPosition

Sections

CODE
Size: 174KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE