37ed277a2e92217fd3c9dcf6fb962e47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37ed277a2e92217fd3c9dcf6fb962e47_JaffaCakes118
Size

18KB
MD5

37ed277a2e92217fd3c9dcf6fb962e47
SHA1

490e96b2677ecfa0f8f77379dc39de093b42bfc7
SHA256

8f16adbb94180596922eed0ad2f7665f2b4674c4df2490b6f5b3d5e07ab6e6a8
SHA512

24a55dd3926380c0a712fc53a21e89ce4f40179fa009eed6cb1fe5d41997a4ce63e6e994cd6ead74ee651261402af4051cb4b66e1d06a28ff72a08e7f8c11d60
SSDEEP

384:F4qY9QisysXlm0RE/vA3NISgcdik9+0TWc8KOYzPNOA:gLqPS/YdISgmChYzPEA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37ed277a2e92217fd3c9dcf6fb962e47_JaffaCakes118

Files

37ed277a2e92217fd3c9dcf6fb962e47_JaffaCakes118
.dll windows:4 windows x86 arch:x86

13b9ab422efeb4b61d46b03d31174d2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetSystemTime
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
CreateThread
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

Hookoff
Hookon

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ