0ac6a4873b8c285e41e047606ec2f8ac_JaffaCakes118 | Triage

Sharing

General

Target

0ac6a4873b8c285e41e047606ec2f8ac_JaffaCakes118
Size

18KB
MD5

0ac6a4873b8c285e41e047606ec2f8ac
SHA1

e9ed09ef4bdf8a5a0172abd1258da34f9a87976a
SHA256

0634ff60a67f8a9e1ab287e547e97ddccef8498af2a4cb2875c83d5eae35e3f2
SHA512

71ac4f4f70c5f99402b39f0be5adcd6f0469d69e146226cc27aa278d2a36104baccec9f70c0ee30b8d6196cfac3540636bfb0875678bb59e4706479919483870
SSDEEP

384:dVgs5ZQcZv/yNUSo7OpteXExya9Eow0yj:dVVzTyNX5pcExTw0yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ac6a4873b8c285e41e047606ec2f8ac_JaffaCakes118

Files

0ac6a4873b8c285e41e047606ec2f8ac_JaffaCakes118
.dll windows:4 windows x86 arch:x86

23254e8f6e1ba552796fb5287a9b595d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
DeleteFileA
lstrcpynA
CreateThread
IsBadReadPtr
GetModuleHandleA
GetModuleFileNameA
VirtualProtect
CopyFileA
GetCurrentProcessId
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
GetTickCount
lstrcmpiA
lstrlenA
Sleep
lstrcmpA
lstrcpyA
ExitProcess
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA

user32

PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
MapVirtualKeyA
GetKeyboardState
ToAscii

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA

msvcrt

atoi
memmove
??2@YAPAXI@Z
sprintf
strstr

Exports

Exports

COMResModuleInstance
DeleteSelf
wwhkf
wwhko

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ