f9e184219350c4dddb94b73dffaec0b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9e184219350c4dddb94b73dffaec0b4_JaffaCakes118
Size

5KB
MD5

f9e184219350c4dddb94b73dffaec0b4
SHA1

1c8b5fdc98981d90585cf85c381676762e50be78
SHA256

7da3b19663e0ea77138cb90174ef28fed67bcf3f9d744d624a885c3a96758e45
SHA512

b6bd0aafad65a84f5a1ba75da4d5731005a90f2e45c6fd087810ca805ce4c9cc4447101214751a61ac27edb1117227cda35fed20d6f26ce0534c67172139c015
SSDEEP

48:660pGvU4vWyONz5XW9Ywfz7ME8eu17PESSLpe94LAS+f8NM2n7k9NL5:MMyNFZwB8Hf2UWB+fUM2n7cL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e184219350c4dddb94b73dffaec0b4_JaffaCakes118

Files

f9e184219350c4dddb94b73dffaec0b4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3ffa3e5a29c24b159d3e3a07bb2f8b95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegCreateKeyA

user32

CallNextHookEx
GetKeyboardLayoutNameA
SendMessageA
GetForegroundWindow
GetKeyState
GetKeyNameTextA

kernel32

GetTimeFormatA
_lclose
_lcreat
lstrlenA
lstrcpynA
lstrcmpA
GetDateFormatA
GetSystemDirectoryA
WinExec
lstrcatA
lstrcpyA
_llseek
_lopen
_lwrite

Exports

Exports

AutoProc
DKeyPrc
Dks_key
Dks_mouse

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 781B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ