2f86a33535256942b86cbf44a747ecc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f86a33535256942b86cbf44a747ecc3_JaffaCakes118
Size

186KB
MD5

2f86a33535256942b86cbf44a747ecc3
SHA1

a08b8b18805a3db642c5782d2f7ba932620145fe
SHA256

6be7741c26f2c67896e4d472713aba735bd15335be13e061cf1a2b0a2b277f5d
SHA512

6592fc942958f31bb3b35a65b474354ccd89dfb18da77ad90cc7096b66c260677b761ebe88f7dd307b8bd4821883a0ef787dab7a7c57a28c9512b6d49f5f7129
SSDEEP

3072:xDzHKyoXc7ke/AzcFteOjYZBQNniwqqDe72h2r8ncOP8:xDTKyoM7ke/7ttfiwqJ7qRcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f86a33535256942b86cbf44a747ecc3_JaffaCakes118

Files

2f86a33535256942b86cbf44a747ecc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2d5123be8e7811df79017946a93f7df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetSysColor
GetUserObjectInformationW
RegisterClipboardFormatA
DispatchMessageW
RegisterWindowMessageA
GetSystemMetrics
GetSysColor
GetAppCompatFlags2
SetTimer
GetSysColorBrush
TranslateMessageEx
RegisterClipboardFormatA
GetWindowLongW
RegisterWindowMessageA
GetSystemMetrics
KillTimer
ReleaseDC
SetTimer
ReleaseDC
GetWindowLongW
CharUpperA
TranslateMessageEx
GetSysColorBrush
CharUpperW
RegisterClipboardFormatA
SetScrollInfo
GetAppCompatFlags2
GetSystemMetrics
GetWindowLongW
ReleaseDC
TranslateMessage
GetWindowThreadProcessId
KillTimer
CharUpperW
GetProcessWindowStation
CharUpperA
GetAppCompatFlags2
GetUserObjectInformationW
GetSysColorBrush
SetScrollInfo
SetTimer
RegisterClipboardFormatA
CharUpperW
GetWindowDC
DispatchMessageW
CharUpperW
SetScrollInfo
CharUpperW
GetUserObjectInformationW
TranslateMessageEx
KillTimer
CharUpperA
GetSystemMetrics
GetWindowDC
CharUpperA
GetProcessWindowStation
TranslateMessage
TranslateMessage
PostMessageW
PostMessageW
TranslateMessage
GetDC
GetProcessWindowStation
CharUpperW
GetWindowLongW
ReleaseDC
KillTimer
GetUserObjectInformationW
SetTimer
GetAppCompatFlags2
GetDC
KillTimer
GetSysColorBrush
GetSysColor
SetScrollInfo
GetDC
CharUpperA
KillTimer
TranslateMessage
SetScrollInfo
CharUpperW
GetSysColorBrush
GetSystemMetrics
ReleaseDC
GetDC
CharUpperW
RegisterClipboardFormatA
TranslateMessage
TranslateMessageEx
DispatchMessageW
KillTimer
GetWindowThreadProcessId
CharUpperW
GetWindowDC
ReleaseDC
CharUpperA
PostMessageW
CharUpperW
RegisterWindowMessageA
CharUpperA
MapVirtualKeyExW
RegisterClipboardFormatA
GetAppCompatFlags2
TranslateMessage
SetTimer
GetSysColorBrush
CharUpperW
CharUpperW
GetSysColorBrush
PostMessageW
CharUpperW
RegisterWindowMessageA
CharUpperW
ReleaseDC
TranslateMessageEx
DispatchMessageW
GetDC
CharUpperA
GetProcessWindowStation
GetUserObjectInformationW
KillTimer
SetTimer
SetTimer
RegisterWindowMessageA
KillTimer
CharUpperW
RegisterWindowMessageA
GetAppCompatFlags2
GetAppCompatFlags2
RegisterClipboardFormatA
RegisterWindowMessageA
DispatchMessageW
GetSysColorBrush
GetDC
GetSysColorBrush
KillTimer
GetWindowLongW
RegisterWindowMessageA
GetSysColor
SetTimer
ReleaseDC
CharUpperW
GetUserObjectInformationW
PostMessageW
KillTimer
GetProcessWindowStation
CharUpperA
KillTimer
GetSysColorBrush
PostMessageW
GetSysColorBrush
TranslateMessage
GetProcessWindowStation
GetSystemMetrics
GetWindowDC
TranslateMessageEx
SetScrollInfo
SetScrollInfo
GetWindowThreadProcessId
GetSysColorBrush
GetWindowLongW
SetTimer
KillTimer
GetSysColor
RegisterWindowMessageA
PostMessageW
SetTimer
GetWindowLongW
SetTimer
RegisterClipboardFormatA
GetWindowLongW
GetSystemMetrics
SetTimer
GetAppCompatFlags2
GetSysColorBrush
GetSysColorBrush
KillTimer
CharUpperA
TranslateMessageEx
GetWindowLongW
SetTimer
RegisterWindowMessageA
TranslateMessageEx
GetWindowDC
GetProcessWindowStation
CharUpperA
GetSysColorBrush
GetWindowDC
GetAppCompatFlags2
GetWindowThreadProcessId
GetAppCompatFlags2
RegisterWindowMessageA
GetSystemMetrics
GetWindowDC
SetTimer
CharUpperA
CharUpperW
GetSystemMetrics
GetSysColorBrush
CharUpperW
GetWindowDC

kernel32

ReadProcessMemory
LoadLibraryA
Sleep
TerminateProcess
GetSystemTimeAsFileTime
LoadLibraryExA
ReadProcessMemory
ReleaseMutex
VirtualProtectEx
WaitForSingleObject
WaitForSingleObject
CreateProcessW
Sleep
ReadProcessMemory
GetStartupInfoW
ReadProcessMemory
GetSystemTimeAsFileTime
GetStartupInfoW
ReleaseMutex
ReadFile
CreateProcessA
ReadFile
ReadProcessMemory
SleepEx
GetSystemTime
GetSystemTimeAsFileTime
VirtualProtectEx
LoadLibraryExW
GetSystemTimeAsFileTime
CreateProcessW
TerminateProcess
LoadLibraryExW
GetStartupInfoA
ReadProcessMemory
CreateProcessA
VirtualProtect
GetSystemTime
GetStartupInfoW
ReadProcessMemory
Sleep
VirtualProtect
TerminateProcess
Sleep
ReadFile
TerminateProcess
CreateProcessW
GetSystemTime
ReadFile
CreateFileA
CreateProcessW
VirtualProtect
TerminateProcess
SleepEx
VirtualProtect
VirtualProtectEx
GetStartupInfoA
ReadProcessMemory
LoadLibraryA
LoadLibraryExW
CreateProcessW
GetSystemTimeAsFileTime
VirtualProtect
GetStartupInfoW
ReadProcessMemory
TerminateProcess
VirtualProtect
VirtualProtect
LoadLibraryExW
WriteProcessMemory
GetStartupInfoW
GetStartupInfoW
WriteProcessMemory
GetStartupInfoW
WaitForSingleObject
Sleep
CreateFileA
GetSystemTimeAsFileTime
SleepEx
ReleaseMutex
ReadFile
VirtualProtectEx
CreateFileA
CreateProcessA
WaitForSingleObject
VirtualProtectEx
CreateFileA
Sleep
Sleep
Sleep
WriteProcessMemory
TerminateProcess
CreateProcessW
CreateProcessW
Sleep
LoadLibraryExA
LoadLibraryExA
ReleaseMutex
GetStartupInfoA
LoadLibraryExW
LoadLibraryA
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntW
SetEnvironmentVariableW
GetSystemTime
WriteProcessMemory
VirtualProtect
GetSystemTimeAsFileTime
CreateProcessW
CreateProcessA
VirtualProtectEx
ReadProcessMemory
GetSystemTimeAsFileTime
LoadLibraryExA
GetSystemTime
CreateProcessW
ReadProcessMemory
GetSystemTimeAsFileTime
ReadFile
GetSystemTimeAsFileTime
ReadFile
GetSystemTime
GetStartupInfoW
GetSystemTime
GetSystemTimeAsFileTime
SleepEx
LoadLibraryA
LoadLibraryA
LoadLibraryExA
LoadLibraryExA
ReadProcessMemory
ReleaseMutex
GetStartupInfoW
VirtualProtectEx
ReadFile
CreateFileA
ReleaseMutex
GetStartupInfoW
LoadLibraryExA
LoadLibraryA
LoadLibraryExW
GetSystemTimeAsFileTime
CreateProcessW
TerminateProcess
CreateFileA
LoadLibraryExW
VirtualProtectEx
GetSystemTimeAsFileTime
CreateProcessA
GetSystemTime
CreateFileA
GetSystemTime
ReadProcessMemory
ReadFile
Sleep
CreateProcessA
ReadFile
CreateProcessA
LoadLibraryExA
CreateFileA
WriteProcessMemory
TerminateProcess
GetSystemTime
ReadProcessMemory
GetSystemTimeAsFileTime
VirtualProtect
GetStartupInfoW
Sleep
GetSystemTimeAsFileTime
CreateProcessA
VirtualProtectEx
TerminateProcess
ReadFile
Sleep
TerminateProcess
Sleep
TerminateProcess
LoadLibraryExA
CreateProcessW
VirtualProtectEx
VirtualProtect
WaitForSingleObject
WriteProcessMemory
SleepEx
LoadLibraryA
GetSystemTime
VirtualProtect
GetStartupInfoW
GetStartupInfoW
VirtualProtectEx
WaitForSingleObject
ReadProcessMemory
TerminateProcess
LoadLibraryExW
WriteProcessMemory
SleepEx
LoadLibraryExW
GetSystemTime
GetStartupInfoA
CreateProcessW
Sleep
VirtualProtect
WriteProcessMemory
ReadProcessMemory

Sections

.text
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 184KB

IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2d5123be8e7811df79017946a93f7df

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 28KB - Virtual size: 32KB

.rdata Size: 142KB - Virtual size: 184KB

.data Size: 9KB - Virtual size: 12KB

.ndata Size: 2KB - Virtual size: 4KB

.ndata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 980B

.text
Size: 28KB - Virtual size: 32KB

.rdata
Size: 142KB - Virtual size: 184KB

.data
Size: 9KB - Virtual size: 12KB

.ndata
Size: 2KB - Virtual size: 4KB

.ndata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 980B