23489a56b74e578db53d4a7b6e7b11f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23489a56b74e578db53d4a7b6e7b11f0_JaffaCakes118
Size

130KB
MD5

23489a56b74e578db53d4a7b6e7b11f0
SHA1

6917b34af90e90116851d43f6161e06d60c62c97
SHA256

cb45ead4ca1576bbf0a9b982673dcea1074bb11c7f9811240b08ddde7d29cddd
SHA512

f351d5e7a7d442bfb55b33ce51bc6baf5562446e37d0288029740363f114cc61571b7f60d50cf117c0d0348ad3b77b460ef5b3e339ea44ea8f4e378dff85f35c
SSDEEP

3072:ZH/rNZ+P9SvaaarrQKlQQNogx0apXZNZLQcgbmDw:jZYaaaarMKLNogx0a1j2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23489a56b74e578db53d4a7b6e7b11f0_JaffaCakes118

Files

23489a56b74e578db53d4a7b6e7b11f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc6499575e4d94e77b18dce32fdcf81d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetDCEx

gdi32

SetBkMode

kernel32

LoadLibraryA
Sleep
LoadLibraryExW
TerminateProcess
WaitForSingleObject
VirtualProtectEx
VirtualProtect
ReadFile
ReleaseMutex
Sleep
LoadLibraryA
ReleaseMutex
VirtualProtect
CreateProcessW
GetStartupInfoA
WriteProcessMemory
WaitForSingleObjectEx
ReadProcessMemory
ReadFile
CreateProcessA
SleepEx
DeviceIoControl
TerminateProcess
GetSystemTimeAsFileTime
TerminateProcess
ReadProcessMemory
ReleaseMutex
WriteProcessMemory
TerminateProcess
DeviceIoControl
LoadLibraryExW
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetACP
TlsGetValue
FindAtomA
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
TerminateProcess
CreateProcessA
Sleep
LoadLibraryA
LoadLibraryExW
LoadLibraryExA
WaitForSingleObject
GetSystemTimeAsFileTime
GetStartupInfoA
DeviceIoControl
CreateProcessA
LoadLibraryExA
GetStartupInfoA
CreateProcessW
VirtualProtectEx
ReadFile
CreateProcessW
ReleaseMutex
VirtualProtectEx
CreateProcessW
ReleaseMutex
ReadProcessMemory
LoadLibraryA
TerminateProcess
ReadFile
TerminateProcess
CreateFileA
CreateFileA
GetStartupInfoW
Sleep
ReadProcessMemory
ReadProcessMemory
LoadLibraryExA
WaitForSingleObject
SleepEx
VirtualProtect
TerminateProcess
TerminateProcess
GetStartupInfoW
GetSystemTimeAsFileTime
VirtualProtectEx
WaitForSingleObject
WaitForSingleObjectEx
ReadProcessMemory
WaitForSingleObjectEx
LoadLibraryA
GetSystemTimeAsFileTime
LoadLibraryExW
ReleaseMutex
LoadLibraryExA
VirtualProtectEx
Sleep
WriteProcessMemory
WaitForSingleObject
CreateFileA
LoadLibraryExW
LoadLibraryExW
CreateProcessA
Sleep
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoA
LoadLibraryExW
GetStartupInfoA
VirtualProtect
DeviceIoControl
DeviceIoControl
CreateProcessA
WaitForSingleObject
DeviceIoControl
LoadLibraryA
Sleep
GetSystemTimeAsFileTime
VirtualProtect
WaitForSingleObject
ReadProcessMemory
WaitForSingleObject
GetStartupInfoA
GetSystemTime
LoadLibraryExA
LoadLibraryExA
WriteProcessMemory
WriteProcessMemory
WriteProcessMemory
CreateProcessW
ReadProcessMemory
CreateProcessW
Sleep
GetStartupInfoA
WaitForSingleObjectEx
TerminateProcess
VirtualProtectEx
GetStartupInfoW
LoadLibraryExA
Sleep
LoadLibraryExA
DeviceIoControl
WaitForSingleObjectEx
WriteProcessMemory
SleepEx
GetStartupInfoW
GetStartupInfoW
CreateProcessW
Sleep
LoadLibraryA
GetSystemTimeAsFileTime
LoadLibraryExA
GetStartupInfoA
VirtualProtect
GetSystemTime
WaitForSingleObject
WaitForSingleObject
VirtualProtect
CreateProcessW
ReadFile
TerminateProcess
LoadLibraryA
ReadFile
GetSystemTime
CreateProcessW
GetSystemTimeAsFileTime
WaitForSingleObjectEx
CreateFileA
WaitForSingleObject
DeviceIoControl
GetSystemTime
CreateProcessA
CreateProcessW
GetStartupInfoW
LoadLibraryExW
ReadProcessMemory

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc6499575e4d94e77b18dce32fdcf81d

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 5KB - Virtual size: 8KB

.itext Size: 109KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 8KB

.itext
Size: 109KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB