0fbe8dfba264521fd6d9637c994ead28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fbe8dfba264521fd6d9637c994ead28_JaffaCakes118
Size

19KB
MD5

0fbe8dfba264521fd6d9637c994ead28
SHA1

61fdb7342411596d3ba8ab984036e14b1d7d97ab
SHA256

c15eee154cae30f6e0dda1ded95e53260d575177cb8f070acd696412f0f7eb13
SHA512

15d3674edefb460d97fa272395dd589595c98fb8aa2523c4cb0ec695b29b3d18fa2ddf74c38703ead3a820c89365f2e0d351b77b0d6677c0fa43c4fdee1e25c3
SSDEEP

384:EFSFPvngwPjLxQUI0U59eJNvn47XMhOceWQb8t/uKOFU+eOuZN:EFGI0RNPQ8hOcbQIMhFpefz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fbe8dfba264521fd6d9637c994ead28_JaffaCakes118

Files

0fbe8dfba264521fd6d9637c994ead28_JaffaCakes118
.dll windows:4 windows x86 arch:x86

eab338f8f0e0ae535c21f8631348db00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetSystemTime
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

hkf
hkn

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ