3e87f5296ba6b45a5cd746492faae3b5_JaffaCakes118 | Triage

Sharing

General

Target

3e87f5296ba6b45a5cd746492faae3b5_JaffaCakes118
Size

14KB
MD5

3e87f5296ba6b45a5cd746492faae3b5
SHA1

184dc4934e7d6f9e8a8cb6ade49ecbb3a64d88f3
SHA256

2ef52250ed720a382f886313dc1e8ca52ec86329bb1c216a64be495071e5df36
SHA512

c54851dbbd3ede529c03a30eed8e4c3473cc2747265bd31158d2bfd577b28cdf98384da6ca600311389ba694f09f980ea2b1d696d095e526231bee159bd136ca
SSDEEP

192:TAjyFyYs8j1Op/r+ozDVlJ4iHKM80GeWyPEi0/o+mm5ZUGYck9vZS7MSYN0+KLt+:yOl4DlzDVl+fMKf/b5ZQQ7+Kxpg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e87f5296ba6b45a5cd746492faae3b5_JaffaCakes118

Files

3e87f5296ba6b45a5cd746492faae3b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c61548c1baf4fa19633ff6465945defb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
CreateThread
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
CallNextHookEx

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenUrlA

Exports

Exports

Hookoff
Hookon

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ