d63aae2fc4f85d0393bd6f1b792792fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d63aae2fc4f85d0393bd6f1b792792fb_JaffaCakes118
Size

4KB
MD5

d63aae2fc4f85d0393bd6f1b792792fb
SHA1

835b5bc5d426a7ae2d984e4f0a89caad566fd78d
SHA256

50d81a067c2a2a112961edd4486b20b01f23b558a14ecae6920e8680d6bc9562
SHA512

72a0db680af49d478bcc9ca254beac9a29e85487a429c948102a5fa8aafdf470a015e479920a963696c11d61f3c75c0f5424ae9701dd01bdd55eb72f8daf46df
SSDEEP

48:KDx1zhGHMl8R7PscBOmb/qZSh5usgR4XUL+BmqO8cA:+RhGH68mczTL5m4Xh8uc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d63aae2fc4f85d0393bd6f1b792792fb_JaffaCakes118

Files

d63aae2fc4f85d0393bd6f1b792792fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b631f3355da7e1ff0dfa75f7e9c15dbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWindowsHookEx
ToAscii
SetWindowsHookExA
RegisterHotKey
GetWindowThreadProcessId
GetWindowTextA
GetMessageA
GetKeyboardState
GetKeyState
GetKeyNameTextA
GetForegroundWindow
GetClassNameA
CallNextHookEx

kernel32

CloseHandle
GetDateFormatA
CreateMutexA
ExitProcess
CreateToolhelp32Snapshot
Module32First
GetTimeFormatA
GetModuleHandleA
GetLocalTime
GetLastError
GetComputerNameExA

advapi32

GetUserNameA

msvcrt

fflush
fclose
fprintf
fopen

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 903B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE