419d5f183949544dd12a5fb8ebb609df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

419d5f183949544dd12a5fb8ebb609df_JaffaCakes118
Size

18KB
MD5

419d5f183949544dd12a5fb8ebb609df
SHA1

49477c95f31218a7673f1f42902c6760ada97b2c
SHA256

7e9e9e79bc8331ad07fb0e95a8401acc0fe864ebe62975745f518cc03f3f5e1c
SHA512

8e87a92815d3f1addb77344c0ff16687e392f42d302c1fd35f83446d0ae07a6b2ca95e7d1cb9947d92c5dd3f18be5c1e136e64470fde5aa110914eb501cd4967
SSDEEP

384:L4qY9oC8HlqUOEYl/TlHThPEWE016cSUESWof5K5IdF8KOLrP6NzU2a5:EqzlYl/hVEWEdzsRK5gyhLrP6N0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
419d5f183949544dd12a5fb8ebb609df_JaffaCakes118

Files

419d5f183949544dd12a5fb8ebb609df_JaffaCakes118
.dll windows:4 windows x86 arch:x86

13b9ab422efeb4b61d46b03d31174d2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetSystemTime
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
CreateThread
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

Hookoff
Hookon

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ