61da56d380d7fccea3eaf0c2a5fb6736_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

61da56d380d7fccea3eaf0c2a5fb6736_JaffaCakes118
Size

211KB
MD5

61da56d380d7fccea3eaf0c2a5fb6736
SHA1

4c2f550785bc9812cc6fdedf28f38cfc1ef62d8a
SHA256

960f3d0b216fea6b69364543b2fe2da56272f1a8e063aa0984db6858def20f24
SHA512

31ce6a23bd54838ff13258c6688f25386a3b42f1ec01c85629a2672e1fceb663fcbfb95f40d1a143e2dd32b64ac86e29c2ec06f5c8d71f8848d32ad299bbb494
SSDEEP

3072:r87DCH5ju4ldZB+9Lq6X30cNCgjfq0qhaR+gltuS:r87DCHI4ldoW6X3NC4hxltn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61da56d380d7fccea3eaf0c2a5fb6736_JaffaCakes118

Files

61da56d380d7fccea3eaf0c2a5fb6736_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e30477eabfd987105600d11cd70e7b32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateFileW
VirtualFree
QueryPerformanceCounter
LoadLibraryA
LocalAlloc
CreateThread
VirtualFree
InitializeCriticalSection
HeapFree
GetVersionExA
SetLastError
FormatMessageW
EnterCriticalSection
CreateFileW
GetModuleHandleW
GetVersionExA
GetProcessHeap
ExitProcess
CreateThread
HeapAlloc
GetTickCount
CreateFileW
GetStartupInfoW
GetStartupInfoW
GetCurrentProcessId
Sleep
lstrlenW
GetACP
QueryPerformanceCounter
HeapFree
GetACP
GetTickCount
SetLastError
InterlockedDecrement
GetTickCount
ExitProcess
SetFilePointer
LoadLibraryA
InterlockedDecrement
EnterCriticalSection
VirtualFree
lstrcpyW
SetEvent
GetModuleHandleW
InterlockedDecrement
UnhandledExceptionFilter
GetCommandLineA
CreateThread
HeapAlloc
GetACP
GetTickCount
SetFilePointer
VirtualFree
GetProcessHeap
GetCurrentProcessId
InterlockedIncrement
CreateFileW
CreateFileW
HeapAlloc
CreateThread
ExitProcess
WideCharToMultiByte
TerminateProcess
GetCurrentProcessId
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateThread
InterlockedIncrement
QueryPerformanceCounter
GetCommandLineW
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
GetStartupInfoW
WaitForSingleObject
GetACP
lstrlenW
ReadFile
SetUnhandledExceptionFilter
lstrcmpiW
HeapAlloc
UnhandledExceptionFilter
GetProcessHeap
HeapReAlloc
GetProcAddress
GetCommandLineW
HeapFree
SetFilePointer
GetLastError
lstrlenW
VirtualFree
GetLastError
lstrcpyW
LoadLibraryW
HeapAlloc
WideCharToMultiByte
GetModuleHandleA
HeapFree
Sleep
LocalFree
TerminateProcess
InterlockedIncrement
SetLastError
SetFilePointer
CreateFileW
lstrlenW
GetLastError
DeleteCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcessId
WideCharToMultiByte
SetEvent
VirtualFree
Sleep
LocalAlloc
InterlockedIncrement
lstrlenW
FormatMessageW
GetCurrentProcess
UnhandledExceptionFilter
lstrcmpiW
InitializeCriticalSection
LocalFree
GetTickCount
LocalFree
UnhandledExceptionFilter
CreateThread
GetModuleHandleW
WriteFile
CloseHandle
HeapReAlloc
HeapFree
CreateFileW
GetModuleHandleA
ReadFile
SetUnhandledExceptionFilter
GetCommandLineA
lstrcpyW
GetCurrentProcessId
WaitForSingleObject
VirtualAlloc
GetCurrentThreadId
lstrlenW
GetCommandLineW
HeapFree
lstrcmpiW
GetVersionExA
SetLastError
QueryPerformanceCounter
GetModuleHandleA
SetLastError
GetCurrentProcess
HeapReAlloc
LeaveCriticalSection
GetSystemTimeAsFileTime
LocalAlloc
GetCurrentThreadId
GetStartupInfoW
GetTickCount
GetCommandLineA
Sleep
CreateFileW
CreateFileW
TerminateProcess
GetModuleHandleA
QueryPerformanceCounter
GetSystemTimeAsFileTime
FormatMessageW
GetLastError
LocalFree
FormatMessageW
ExitProcess
UnhandledExceptionFilter
lstrcpyW
HeapDestroy
SetLastError
ExitProcess
SetEvent
HeapReAlloc
GetCommandLineA
UnhandledExceptionFilter
LoadLibraryW
InterlockedDecrement
CreateThread
GetLastError
GetTickCount
GetModuleHandleW
lstrcmpiW
GetModuleHandleW
SetEvent
lstrcmpiW
QueryPerformanceCounter
InterlockedDecrement
ExitProcess
InterlockedIncrement
InitializeCriticalSection
FreeLibrary
GetLastError
lstrcpyW
GetCurrentProcess
VirtualFree
ReadFile
CloseHandle
VirtualAlloc
LoadLibraryA
SetUnhandledExceptionFilter
Sleep

Sections

�text
Size: 191KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

�idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e30477eabfd987105600d11cd70e7b32

Headers

File Characteristics

Imports

kernel32

Sections

�text Size: 191KB - Virtual size: 196KB

�idata Size: 5KB - Virtual size: 8KB

�idata Size: 1024B - Virtual size: 4KB

�idata Size: 3KB - Virtual size: 4KB

�vmp0 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�text
Size: 191KB - Virtual size: 196KB

�idata
Size: 5KB - Virtual size: 8KB

�idata
Size: 1024B - Virtual size: 4KB

�idata
Size: 3KB - Virtual size: 4KB

�vmp0
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB