c08fea856b659b4c02e17dff11991748_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c08fea856b659b4c02e17dff11991748_JaffaCakes118
Size

39KB
MD5

c08fea856b659b4c02e17dff11991748
SHA1

2c128916a222b852ae26dca4cc035a153e36efc2
SHA256

19a8f451d09d3f7ca4f91c63e464f950dce5dd44e4aa49ba531df1541252959d
SHA512

818734101532e1f86584042a4e413884b26afc690c4981b3508f632d5734d33eba81808944130ed7e07b1f2cd350cc92bc717ca849dec232a92f46de382e6a6a
SSDEEP

384:/EnY7vw53FSkSChwIWqV4AAITIs0iiFQxUAAyJSr+8DccOz6Mv78nqhAJ+a:/EnP53FSkSCu8RMy/JS6iccG6MoJP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c08fea856b659b4c02e17dff11991748_JaffaCakes118

Files

c08fea856b659b4c02e17dff11991748_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db5c5f289f387166224dc6e2155b4639

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ToAscii
SetWindowsHookExA
SendMessageA
RegisterHotKey
MessageBoxA
GetWindowTextA
UnhookWindowsHookEx
GetKeyboardState
GetKeyState
GetKeyNameTextA
EnumChildWindows
CallNextHookEx
GetClassNameA
GetForegroundWindow
GetMessageA

kernel32

CreateFileA
GetFileSize
GlobalAlloc
GlobalFree
lstrlenA
lstrcatA
Sleep
RtlZeroMemory
RtlMoveMemory
ReleaseMutex
OpenMutexA
ReadFile
GetTickCount
CloseHandle
CreateMutexA
CreateThread
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
GetLastError
GetModuleHandleA

advapi32

GetUserNameA

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenUrlA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE