6365ff245de791bd4316121bacb1742b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6365ff245de791bd4316121bacb1742b_JaffaCakes118
Size

24KB
MD5

6365ff245de791bd4316121bacb1742b
SHA1

7c55e793851135707a6d195359e1465bd60e554e
SHA256

2c0fe00a8f5f16f005145548fdc860323f03a2d901e6da3d9efefa259c1d29c7
SHA512

2642d7a25a2778a87102679b59eb7ad4fc32e6d122759ce523ce20f45d12e2309d63bb887eaaaabae692edf7a8294706c4cc454a133c58fca4745a9c2000bbad
SSDEEP

96:xU+slCtXWqvVAgnXO+PMBywbI5uRuaj0u0Z4B7QrPfjs7yocaI/ffCWk7:xbsy5ln+aZXE37QrPfA7RafqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6365ff245de791bd4316121bacb1742b_JaffaCakes118

Files

6365ff245de791bd4316121bacb1742b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1994c3d19b4f9b63295c9bb65ec0b35a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDBCSLeadByte
GetSystemTime

user32

GetParent
SendMessageA
wsprintfA
CallNextHookEx

msvcrt

_adjust_fdiv
malloc
free
_initterm

Exports

Exports

CallWndProc
GetMsgData
GetMsgProc
KeyboardProc
MouseProc
StartHook
StopHook

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uinidat
Size: - Virtual size: 126KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 565B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inidata
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ