Static task: static1
Behavioral task: behavioral1
Sample: a8dcbb6b2ec570c7b536a082ac01ef96_JaffaCakes118.dll
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: a8dcbb6b2ec570c7b536a082ac01ef96_JaffaCakes118.dll
Resource: win10v2004-20240802-en
Target: a8dcbb6b2ec570c7b536a082ac01ef96_JaffaCakes118
Size: 16KB
MD5: a8dcbb6b2ec570c7b536a082ac01ef96
SHA1: 63059e1d3859e97c516d67eaebe0e35ae696167f
SHA256: bb285262ef85a75dadbfeadbec095426da0c703816b433ad885e511f7b86a397
SHA512: b2f4d30c71623cda10ac028581e4b6649b39153e78c51461a4800fc1855461b0061c1c046584b00c0b1f181c91b45aa98f172629e3780774eae6a4c6414794fd
SSDEEP: 384:HYlrTJ75ufOfmV5ZPaKtWcXj3o2f589ISP:gOfkmV3PZWu39o
Checks for missing Authenticode signature.
| resource |
| --- |
| a8dcbb6b2ec570c7b536a082ac01ef96_JaffaCakes118 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
UnhookWindowsHookEx
SetWindowsHookExA
GetMessageA
CallNextHookEx
wsprintfA
Module32First
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
WriteProcessMemory
CloseHandle
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DisableThreadLibraryCalls
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GlobalAlloc
LoadLibraryA
Module32Next
Process32First
Process32Next
ReadFile
RtlZeroMemory
SetFileAttributesA
SetFilePointer
Sleep
TerminateProcess
VirtualProtectEx
WideCharToMultiByte
EnHookWindow
UninstallHook
sub_getmessage
sub_keyboard
sub_mouse
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ