0c52838e20d9b603f2b83b1e4958fe90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c52838e20d9b603f2b83b1e4958fe90_JaffaCakes118
Size

4KB
MD5

0c52838e20d9b603f2b83b1e4958fe90
SHA1

8652c1d5c2b9ec9e628877b3a589ee7074f57371
SHA256

afb355a59fb4fb580fe043e561587c7d1ba1b6971e37e1fce16018962f18e447
SHA512

9fa461d29f4f01988ed2f12884da5412bf12bcc826e4e7407bb3dc14555b42cb539b69ee334a98a55bebdaf669bf012bc4e94c7efc4d3b2f131bca180ea15c97
SSDEEP

48:iBVhsmbuRmIT9/VeOmGkEJEHGzp5/gw4dShtB6LMR+:WyRbMGv2HY34YhtgLM+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c52838e20d9b603f2b83b1e4958fe90_JaffaCakes118

Files

0c52838e20d9b603f2b83b1e4958fe90_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3e97b03c725c1dd9fd9a4aa610856121

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWindowsHookEx
ToAscii
CallNextHookEx
SetWindowsHookExA
RegisterHotKey
GetWindowThreadProcessId
GetWindowTextA
GetMessageA
GetKeyboardState
GetKeyState
GetKeyNameTextA
GetForegroundWindow
GetClassNameA

kernel32

Module32First
GetTimeFormatA
GetModuleHandleA
GetLocalTime
GetLastError
GetDateFormatA
GetComputerNameExA
ExitProcess
CreateMutexA
CloseHandle
CreateToolhelp32Snapshot

advapi32

GetUserNameA

msvcrt

fprintf
fflush
fclose
fopen

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE