Static task: static1
Behavioral task: behavioral1
Sample: 2dd58b4175cae305456ead9e111f8ca9_JaffaCakes118.dll
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2dd58b4175cae305456ead9e111f8ca9_JaffaCakes118.dll
Resource: win10v2004-20240704-en
Target: 2dd58b4175cae305456ead9e111f8ca9_JaffaCakes118
Size: 7KB
MD5: 2dd58b4175cae305456ead9e111f8ca9
SHA1: a02a084ee139ff26f73a19853377ebac31526f1d
SHA256: c9fffee07c3383f90acb751183ef61ff1b95dea75bea4c67ac454cf8aaabf061
SHA512: 6b61e6496053cc0af5bce17cda16d1ac1123b94bab98a5f5155bbec94bb8b9ba56c471daf838a29c3e000bc5c51c1e9cc6ee82622694d857da647817f7f8b6c2
SSDEEP: 48:6V/STU2hSWiRzEeHfaU9NNFD1oNgyAsc4ab9aRCPBkuBXRjJIB3:WOU66zEAXTFDWNgy1/w9aR9uBXRj+B
Checks for missing Authenticode signature.
resource |
---|
2dd58b4175cae305456ead9e111f8ca9_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
UnhookWindowsHookEx
ToAscii
SetWindowsHookExA
wsprintfA
PostMessageA
GetKeyboardState
GetForegroundWindow
GetClassNameA
CallNextHookEx
LocalFree
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
ReadFile
LocalAlloc
GetVolumeInformationA
GetSystemDirectoryA
GetFileSize
CloseHandle
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
connect
gethostbyname
htons
inet_addr
closesocket
recv
send
socket
inet_ntoa
WSAStartup
InternetGetConnectedState
InstallHook
KeyboardProc
MouseProc
UninstallHook
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ