94176ffcee2a8636ae60d3dc5bd00510_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94176ffcee2a8636ae60d3dc5bd00510_JaffaCakes118
Size

84KB
MD5

94176ffcee2a8636ae60d3dc5bd00510
SHA1

f1adbe52d3f85221361bc4b6b7b0ba309fc0c12f
SHA256

33181021ce14463f91d907551e5e647b7b327aa891e0367bb853a76a137bfa38
SHA512

8b3836a8cfb1e6d1390d38865f137457f9e72cc8c263609c6f0d3b801c516aef8bb7e77802053c152bb84b98ea917e5c836c5275c8b2e6d12d7bb4c8af724635
SSDEEP

1536:hG2lT87Z63zJ2M81H79B2eQ9/BJJuBJqv0H5dBJqS:LT8t6312Th5Ue2gTH5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94176ffcee2a8636ae60d3dc5bd00510_JaffaCakes118

Files

94176ffcee2a8636ae60d3dc5bd00510_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1f9a24283152279bf4c74620dac0465c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1200
ord3663
ord1182
ord800
ord823
ord342
ord1253
ord1168
ord825

msvcrt

_initterm
malloc
_adjust_fdiv
free
_except_handler3
_mbscmp
__CxxFrameHandler
?terminate@@YAXXZ

kernel32

ReadProcessMemory
OpenProcess
CloseHandle
WriteProcessMemory

user32

FindWindowA
GetWindowThreadProcessId
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

Exports

Exports

??0CKeyHook@@QAE@XZ
??1CKeyHook@@UAE@XZ
??_7CKeyHook@@6B@
?Start@CKeyHook@@QAEPAUHHOOK__@@HKKVCString@@KK@Z
?Stop@CKeyHook@@QAEHXZ

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mydata
Size: 4KB - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f9a24283152279bf4c74620dac0465c

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 228B

mydata Size: 4KB - Virtual size: 121B

.rsrc Size: 4KB - Virtual size: 840B

.reloc Size: 4KB - Virtual size: 984B

.vmp0 Size: 16KB - Virtual size: 12KB

.vmp0 Size: 4KB - Virtual size: 1KB

.vmp1 Size: 4KB - Virtual size: 3KB

.vmp0 Size: 4KB - Virtual size: 1KB

.vmp1 Size: 4KB - Virtual size: 3KB

.vmp0 Size: 4KB - Virtual size: 2KB

.vmp1 Size: 4KB - Virtual size: 3KB

.vmp0 Size: 4KB - Virtual size: 2KB

.vmp1 Size: 4KB - Virtual size: 3KB

.vmp2 Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 228B

mydata
Size: 4KB - Virtual size: 121B

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 4KB - Virtual size: 984B

.vmp0
Size: 16KB - Virtual size: 12KB

.vmp0
Size: 4KB - Virtual size: 1KB

.vmp1
Size: 4KB - Virtual size: 3KB

.vmp0
Size: 4KB - Virtual size: 1KB

.vmp1
Size: 4KB - Virtual size: 3KB

.vmp0
Size: 4KB - Virtual size: 2KB

.vmp1
Size: 4KB - Virtual size: 3KB

.vmp0
Size: 4KB - Virtual size: 2KB

.vmp1
Size: 4KB - Virtual size: 3KB

.vmp2
Size: 4KB - Virtual size: 3KB