2c9ec716affbf4ed113503e6221ea950_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c9ec716affbf4ed113503e6221ea950_JaffaCakes118
Size

9KB
MD5

2c9ec716affbf4ed113503e6221ea950
SHA1

9988b004bdf78e4259e217a07294f1d3d11083c1
SHA256

9f9891572a7aefbad039bca7e7757ef840fc6f5e85e2f8ed6251ecb3c4968a11
SHA512

f629100cf4f58c6cc887f67ed007652f12bd715e7ca7858cb6a011f86a8b733310fa0cf26c5c5a04a62641e66d1482ffd0147b0b6a6b0ffcc1a50343a10c6c05
SSDEEP

96:LTl1cawlz9voY6oCNWTq59ONghioegLyH6oN6CgA5Y9W60s4rjH4KigY8N2:LTl1rgpWHiRoegLyH6GGhUfHH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9ec716affbf4ed113503e6221ea950_JaffaCakes118

Files

2c9ec716affbf4ed113503e6221ea950_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cea3a7cadc6142f8d65959c27cf9033a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallNextHookEx
FindWindowA
GetKeyboardState
PostMessageA
SetWindowsHookExA
ToAscii
UnhookWindowsHookEx

winmm

mixerGetControlDetailsA
mixerGetLineControlsA
mixerOpen
mixerSetControlDetails
mixerClose

Exports

Exports

InstallHook
RemoveHook
SetMasterVolume

Sections

.text
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ