Static task: static1
Behavioral task: behavioral1
  Sample: 0efbfdf08a2290322711d682143f6264_JaffaCakes118.dll
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 0efbfdf08a2290322711d682143f6264_JaffaCakes118.dll
  Resource: win10v2004-20240226-en
General
Target: 0efbfdf08a2290322711d682143f6264_JaffaCakes118
Size: 15KB
MD5: 0efbfdf08a2290322711d682143f6264
SHA1: d29a3d2f055c6b83988394892f6019171bc7c43b
SHA256: c825b7b6bb107d716dc6287010e26648c0c72c41aae2c5cc148b74c63cb5faa9
SHA512: 1cea8e168dd46144fe9b3348c3b875ffa13d71b92d52145de16b1d3b800dd67ad10eca95d2b5e7c2a40d4ccb14985ada3b107adfc0bfd00ee1a19ea41f780173
SSDEEP: 96:ZdyM3jL/xUcWRlm0gJzFs1IHR2q7hWgdtzdpMxlFsnW:WgGcUlmrzFN5VWyp4FsW
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 0efbfdf08a2290322711d682143f6264_JaffaCakes118
Files
0efbfdf08a2290322711d682143f6264_JaffaCakes118.dll windows:1 windows x86 arch:x86
38415791784619214a97b1dd7bd98113
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
  CreateFileMappingA
  GetLocalTime
  GlobalLock
  GlobalUnlock
  MapViewOfFile
  UnmapViewOfFile
user32
  CallNextHookEx
  CloseClipboard
  GetClipboardData
  GetForegroundWindow
  GetKeyboardLayout
  GetKeyboardState
  GetWindowTextA
  GetWindowThreadProcessId
  KillTimer
  OpenClipboard
  SetTimer
  SetWindowsHookExA
  ToAsciiEx
  UnhookWindowsHookEx
ntdll
  RtlCreateHeap
  RtlSetHeapInformation
  RtlAllocateHeap
  RtlFreeHeap
  RtlDestroyHeap
  LdrDisableThreadCalloutsForDll
  strlen
  strcmp
  strcpy
  strcat
  NtClose
  sprintf
Sections
.code Size: 13KB - Virtual size: 12KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.aspack Size: 1024B - Virtual size: 516B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 804B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE