5aacfe83bbe57c8c20de01770ffe8ce0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5aacfe83bbe57c8c20de01770ffe8ce0_JaffaCakes118
Size

4KB
MD5

5aacfe83bbe57c8c20de01770ffe8ce0
SHA1

1120a2012f6254c598844578ff9ac6dec73cb475
SHA256

ee0a0230a70726cd6eeead04af9289d78898dec39ab2f589bd5dcc08f1750565
SHA512

d47a9ad682d3cc172f549764245e2beb270a23435e4930ca9e6448a9cfa313573f271cb67c711d6bf689b634cbd1a0d8a60dc44c338ee7ea2744f5df85aa31bb
SSDEEP

96:GERUUIgCJwP4elGMEc3QG7fAzQrwvazQ4:tkm98MEc3QG7YM4azb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5aacfe83bbe57c8c20de01770ffe8ce0_JaffaCakes118

Files

5aacfe83bbe57c8c20de01770ffe8ce0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c920d58c8b1f9c03b88be9567406c2f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
IsDBCSLeadByte
RtlZeroMemory
SetEndOfFile
SetFilePointer
GetModuleFileNameA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
GetLocalTime
CreateFileA
_lwrite
CloseHandle

user32

GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx
GetActiveWindow
CallNextHookEx
wsprintfA
GetFocus

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringA

Exports

Exports

InstallKey
UninstallKey

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ