2eb062a323b59e0734ae1f40c46a9608_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2eb062a323b59e0734ae1f40c46a9608_JaffaCakes118
Size

120KB
MD5

2eb062a323b59e0734ae1f40c46a9608
SHA1

5e137dd92464138101ef781ba61f15f5e4c006f1
SHA256

01c9badae8c0dcd7cacdff58a99b698214a68a93f199ba5652221bd8e5016437
SHA512

bdded764daafea00d776c73feaa15c103142cb8263aeda522da0f65daf104b66df421d4add600b09509c8021ded6a31ba39e95627c99f27d7d085ffee2248110
SSDEEP

768:Cx5m1BqZYIXMYRbRyzielslhUjwD/J0G959xvjlnTuTHj:C2nqNXMYtgzi+slaY9xrdTuT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eb062a323b59e0734ae1f40c46a9608_JaffaCakes118

Files

2eb062a323b59e0734ae1f40c46a9608_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ff6749210e75e15a4bac4e4d0e31c47f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCurrentProcessId
ExitProcess
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
GetProcessHeap
GetACP
HeapAlloc
GetProcessHeap
LoadLibraryA
lstrlenW
GetVersionExA
InitializeCriticalSection
WriteFile
ReadFile
HeapReAlloc
HeapDestroy
TerminateProcess
GetProcAddress
GetACP
WriteFile
GetStartupInfoW
GetCommandLineW
GetProcAddress
SetEvent
MultiByteToWideChar
CreateFileW
InitializeCriticalSection
CreateThread
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetACP
GetACP
FormatMessageW
WaitForSingleObject
CreateFileW
FormatMessageW
DeleteCriticalSection
Sleep
ReadFile
HeapAlloc
HeapDestroy
DeleteCriticalSection
MultiByteToWideChar
DeleteCriticalSection
SetFilePointer
HeapReAlloc
CloseHandle
GetProcAddress
CreateThread
LocalFree
lstrcmpiW
FormatMessageW
MultiByteToWideChar
lstrlenW
SetLastError
FreeLibrary
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryA
lstrcmpiW
Sleep
SetFilePointer
InterlockedIncrement
Sleep
CreateFileW
DeleteCriticalSection
GetCurrentProcess
FreeLibrary
lstrcpyW
GetProcAddress
ExitProcess
GetLastError
LocalFree
GetCurrentProcessId
HeapDestroy
lstrlenW
lstrcpyW
TerminateProcess
HeapDestroy
SetLastError
lstrcmpiW
InitializeCriticalSection
LoadLibraryW
Sleep
WriteFile
GetCurrentProcessId
LocalFree
InitializeCriticalSection
HeapDestroy
Sleep
GetLastError
SetUnhandledExceptionFilter
WideCharToMultiByte
TerminateProcess
SetFilePointer
HeapReAlloc
WideCharToMultiByte
GetCurrentProcessId
GetModuleHandleW
LocalFree
GetModuleHandleW
WideCharToMultiByte
GetACP
GetLastError
QueryPerformanceCounter
VirtualFree
LocalFree
VirtualAlloc
WideCharToMultiByte
ReadFile
InterlockedDecrement
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
InitializeCriticalSection
WriteFile
DeleteCriticalSection
GetCommandLineA
GetCurrentProcessId

Sections

.data
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff6749210e75e15a4bac4e4d0e31c47f

Headers

File Characteristics

Imports

kernel32

Sections

.data Size: 102KB - Virtual size: 120KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 512B

.data
Size: 102KB - Virtual size: 120KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB