049438f895a980b6395e445754702f0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

049438f895a980b6395e445754702f0e_JaffaCakes118
Size

3KB
MD5

049438f895a980b6395e445754702f0e
SHA1

73aa0fe49a887f644e3f5bf4204960f3e1dcd20c
SHA256

6444c8443310d0819adaa39a254f93555e55519996619d6f4f44868cb7260955
SHA512

62eb55f3002b4b0c530f271b8640bc71a034ccf3234c1b18786c1f72959dba586ae1c5f4ac89977736df0a8d67ce722562af873a7deb6b5c2d77231b2bb10571

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
049438f895a980b6395e445754702f0e_JaffaCakes118

Files

049438f895a980b6395e445754702f0e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

21d0d31e22609917d349cf411e7feba5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
SetFilePointer
GetFileSize
CreateFileA
CreateDirectoryA
GetWindowsDirectoryA
CloseHandle

user32

UnhookWindowsHookEx
CallNextHookEx
ToAscii
GetKeyboardState
GetWindowTextA
GetForegroundWindow
SetWindowsHookExA

Exports

Exports

f1
f2
f3
f4

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ