b6486436c64d410389afddba41d65b95_JaffaCakes118 | Triage

Sharing

General

Target

b6486436c64d410389afddba41d65b95_JaffaCakes118
Size

24KB
MD5

b6486436c64d410389afddba41d65b95
SHA1

5f924d99c6cc47586a8b21197955e189365507a2
SHA256

59b60911a3d398569b29435be4d533a41aa1d28b8fffa046163eaeba8bb5b04f
SHA512

c88addfcc9bf876ecef971686024d1883f694c0f5eef28fc5612298f2e5a4df4adde67910c6f206f7cecfb83979d7ca8c993dc830400accbe22b033699672bac
SSDEEP

192:n+/q9y/MipSZbHvtQAUc03kk/4KVrGELLs/9cuXS58P:n+/q4Eip0Qzc0/4+1PWmuX48P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6486436c64d410389afddba41d65b95_JaffaCakes118

Files

b6486436c64d410389afddba41d65b95_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a41b113618c326721ef91b85fbb84b1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError

user32

CallNextHookEx
GetKeyboardState
PostMessageA
SetWindowsHookExA
ToAscii
UnhookWindowsHookEx

Exports

Exports

InstallHook
KeyboardProc
MouseProc
UninstallHook

Sections

.text
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 276B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ