2ebd4748189c6531f7f04dbe2b9fb711_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ebd4748189c6531f7f04dbe2b9fb711_JaffaCakes118
Size

4KB
MD5

2ebd4748189c6531f7f04dbe2b9fb711
SHA1

9889fcac2a33a5cf20a80eb1e1ef4b1e32994d0f
SHA256

1951fb6da96a8d3529e568c1ef4437992f4d25650730ae84d93abf1123087e51
SHA512

8040e8ae5795c1a8dbdb4a07401bde2659a23763a8f00b85fcefdfa8aa2d8db77eac1ccea91431c3fe92ae37b86be73d45a23f26fca4b19055e04fab4671e73a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ebd4748189c6531f7f04dbe2b9fb711_JaffaCakes118

Files

2ebd4748189c6531f7f04dbe2b9fb711_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b631f3355da7e1ff0dfa75f7e9c15dbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWindowsHookEx
ToAscii
SetWindowsHookExA
RegisterHotKey
GetWindowThreadProcessId
GetWindowTextA
GetMessageA
GetKeyboardState
GetKeyState
GetKeyNameTextA
GetForegroundWindow
GetClassNameA
CallNextHookEx

kernel32

CloseHandle
GetDateFormatA
CreateMutexA
ExitProcess
CreateToolhelp32Snapshot
Module32First
GetTimeFormatA
GetModuleHandleA
GetLocalTime
GetLastError
GetComputerNameExA

advapi32

GetUserNameA

msvcrt

fflush
fclose
fprintf
fopen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ