b48fd62269b3e3ad3edfc3f20feebcf4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b48fd62269b3e3ad3edfc3f20feebcf4_JaffaCakes118
Size

3KB
MD5

b48fd62269b3e3ad3edfc3f20feebcf4
SHA1

bcae876b1a366a44253708bd1a95f3007e66319f
SHA256

babd4a04c386e6dbeb3883583fdc00935a7eab0e1ee67be5d5508b4412b5fa83
SHA512

dba55559d5e48670a9cd5d9c1ee221832918d52190a7302c5e62d6e3f3d3106f7c2e742106c3e3357fd71c7ad59463f743d4a18b2c86284226d5dc3fa6898d11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b48fd62269b3e3ad3edfc3f20feebcf4_JaffaCakes118

Files

b48fd62269b3e3ad3edfc3f20feebcf4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4b3bbc0d63093c3782dd12a09a900875

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrA

kernel32

lstrcpyA

user32

CallNextHookEx
SendMessageA
FindWindowA
GetWindowLongA
FindWindowExA
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx

Exports

Exports

GetMsgProc
InstallDll
UnInstallDll

Sections

.text
Size: 1024B - Virtual size: 949B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ