b915d4d13282b2de7cd9dd3fa3a9d166_JaffaCakes118

General

Target

b915d4d13282b2de7cd9dd3fa3a9d166_JaffaCakes118
Size

9KB
MD5

b915d4d13282b2de7cd9dd3fa3a9d166
SHA1

1aac732c2bcea537c3330c41b282823470a852e2
SHA256

e2ea16165b09c6f6c2c2129c016f6d2f45b4e0f61dabdf1b05c912b8c1d97168
SHA512

149b0308853c2fd019ca40249cac678f56b6056e33c1100fa945b4c80c0a380ffe554f954778f371ef0cfc14cfb60972b53e43232e632a9a949cfe2216ae4944
SSDEEP

192:SIUCzpFbwlSvOEvgjagel5A+GDYiViylG3WSUs6WG:SFCzpeUTg2E+yVlmWSUs6WG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b915d4d13282b2de7cd9dd3fa3a9d166_JaffaCakes118

Files

b915d4d13282b2de7cd9dd3fa3a9d166_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d997ce026006ead5cc39513893b5d561

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrlenA
GetLocalTime
CloseHandle
WriteFile
SetFilePointer
lstrcmpiA
GetModuleFileNameA
lstrcatA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
HeapFree
GetProcessHeap
CreateFileA
HeapAlloc

user32

wsprintfA
GetKeyboardState
SetWindowsHookExA
UnhookWindowsHookEx
RemovePropA
EnumWindows
ClientToScreen
GetClientRect
PostMessageA
IsWindowVisible
GetWindowRect
GetCursor
SetPropA
GetPropA
GetUpdateRgn
RegisterWindowMessageA
GetParent
GetWindowTextA
CallNextHookEx
ToAscii

gdi32

GetRegionData
CreateRectRgn
DeleteObject

Exports

Exports

SetHook
SetKeyboardFilterHook
SetMouseFilterHook
StartKeyLogger
StopKeyLogger
UnSetHook

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d997ce026006ead5cc39513893b5d561

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 832B

.SharedD Size: 512B - Virtual size: 40B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 1024B - Virtual size: 522B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 832B

.SharedD
Size: 512B - Virtual size: 40B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 1024B - Virtual size: 522B