cec5cd66733163d500eba711e493b7cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec5cd66733163d500eba711e493b7cd_JaffaCakes118
Size

19KB
MD5

cec5cd66733163d500eba711e493b7cd
SHA1

906b300eff77482f59a9574fbc7a967052368c6b
SHA256

6d98921f3dcf218a2270acb818e93e7c11632b30978af2eab8f04b3da45de879
SHA512

c8828453e9a16a853ed20c48af5bb5aabd6eac18bc113ee09baa831a85f339e3ee20ad66469b863452114459862061eadcf68ea9775cbac26a6c62a1c70b7606
SSDEEP

384:wkXBTukuBUSr8/KUrMcQ2+vb3KgWB8KOavQciEygL:5xfS1UrM53KqhavQciZgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec5cd66733163d500eba711e493b7cd_JaffaCakes118

Files

cec5cd66733163d500eba711e493b7cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

13b9ab422efeb4b61d46b03d31174d2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetSystemTime
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
CreateThread
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

Hookoff
Hookon

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ