Static task
static1
Behavioral task
behavioral1
Sample
620e1bfff394756e869283deb25ccad0_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
620e1bfff394756e869283deb25ccad0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
620e1bfff394756e869283deb25ccad0_JaffaCakes118
-
Size
342KB
-
MD5
620e1bfff394756e869283deb25ccad0
-
SHA1
7d639d2370ce74ca275c3b9ef3a4d55d3693f8cc
-
SHA256
2e9b74c3aba5b2f987c1e343d93e83af335ce300ddd64b857dfb7a477f65510a
-
SHA512
460256806f375454b63a5cd362435480329c36b482a589e151ef92843e1a4b18918323f85a230a838e0a7d42ff2fd38b41b2c0084af79b60ae979b3a2a001e9b
-
SSDEEP
6144:iLtyLtlQFkzTxQ3ECUC4c7VG4xMGz8iANP:4totlQFMTW3ECP4qGuzjANP
Malware Config
Signatures
-
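Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The sample carries no Authenticode signature, so its publisher and integrity cannot be confirmed from a signature. On its own this is a weak indicator, because many legitimate binaries are also unsigned; weigh it together with the import table and the behavioral tasks.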
resource 620e1bfff394756e869283deb25ccad0_JaffaCakes118
Files
-
620e1bfff394756e869283deb25ccad0_JaffaCakes118.exe windows:4 windows x86 arch:x86
d181d4e7f18fe624d26df1557c429498
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
user32
KillTimer
PostMessageW
DispatchMessageW
TranslateMessageEx
CharUpperW
GetSysColorBrush
TranslateMessageEx
TranslateMessageEx
CharUpperW
CharUpperA
ReleaseDC
GetAppCompatFlags2
PostMessageW
RegisterClipboardFormatA
GetAppCompatFlags2
GetAppCompatFlags2
SetTimer
GetProcessWindowStation
GetSystemMetrics
GetAppCompatFlags2
GetUserObjectInformationW
CharUpperA
PostMessageW
SetTimer
DispatchMessageW
DispatchMessageW
CharUpperA
ReleaseDC
CharUpperA
TranslateMessageEx
RegisterWindowMessageA
RegisterClipboardFormatA
SetScrollInfo
GetUserObjectInformationW
SetScrollInfo
SetTimer
GetWindowLongW
GetUserObjectInformationW
TranslateMessage
GetWindowLongW
KillTimer
DispatchMessageW
RegisterWindowMessageA
GetAppCompatFlags2
PostMessageW
PostMessageW
RegisterWindowMessageA
ReleaseDC
GetWindowThreadProcessId
CharUpperW
SetScrollInfo
TranslateMessageEx
CharUpperW
TranslateMessageEx
TranslateMessage
GetUserObjectInformationW
GetProcessWindowStation
CharUpperW
GetDC
CharUpperW
RegisterWindowMessageA
KillTimer
CharUpperW
TranslateMessageEx
GetProcessWindowStation
KillTimer
SetTimer
ReleaseDC
ReleaseDC
GetSysColorBrush
CharUpperW
GetProcessWindowStation
SetTimer
GetWindowDC
GetWindowDC
DispatchMessageW
CharUpperA
SetScrollInfo
DispatchMessageW
GetUserObjectInformationW
SetTimer
SetScrollInfo
PostMessageW
GetWindowThreadProcessId
GetSystemMetrics
GetWindowThreadProcessId
GetDC
GetWindowDC
ReleaseDC
SetTimer
GetWindowThreadProcessId
TranslateMessageEx
SetTimer
GetSysColor
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
TranslateMessage
GetProcessWindowStation
GetAppCompatFlags2
CreateIconIndirect
GetWindowLongW
PostMessageW
ReleaseDC
GetSysColorBrush
CharUpperW
CharUpperA
ReleaseDC
TranslateMessage
CharUpperA
kernel32
LoadLibraryExA
CreateProcessA
WriteProcessMemory
LoadLibraryExA
CreateProcessA
GetSystemTime
TerminateProcess
ReleaseMutex
ReleaseMutex
CreateProcessA
GetStartupInfoA
LoadLibraryA
ReleaseMutex
ReadProcessMemory
VirtualProtect
LoadLibraryExW
ReadProcessMemory
ReleaseMutex
WriteProcessMemory
GetStartupInfoA
GetStartupInfoW
CreateProcessW
CreateFileA
ReadProcessMemory
GetStartupInfoA
GetStartupInfoW
CreateFileA
CreateProcessW
VirtualProtectEx
CreateProcessW
SleepEx
Sleep
GetStartupInfoA
LoadLibraryExA
WriteProcessMemory
ReadFile
GetStartupInfoW
CreateFileA
GetStartupInfoW
TerminateProcess
ReadFile
ReleaseMutex
ReleaseMutex
ReleaseMutex
CreateProcessW
WaitForSingleObject
LoadLibraryExA
GetSystemTime
VirtualProtect
ReadProcessMemory
WriteProcessMemory
Sleep
ReadFile
CreateProcessW
GetSystemTimeAsFileTime
LoadLibraryExW
WriteProcessMemory
GetSystemTime
ReadFile
WaitForSingleObject
VirtualProtectEx
GetSystemTimeAsFileTime
GetStartupInfoA
LoadLibraryA
Sleep
CreateProcessA
LoadLibraryExW
CreateFileA
CreateProcessW
CreateFileA
CreateProcessW
CreateFileA
WaitForSingleObject
LoadLibraryExA
LoadLibraryExW
LoadLibraryExA
VirtualProtect
VirtualProtect
TerminateProcess
GetSystemTimeAsFileTime
WriteProcessMemory
LoadLibraryExW
CreateFileA
GetSystemTimeAsFileTime
CreateFileA
VirtualProtectEx
GetSystemTime
WriteProcessMemory
LoadLibraryExW
LoadLibraryExW
WriteProcessMemory
VirtualProtect
CreateProcessA
ReadFile
CreateProcessA
LoadLibraryA
CreateProcessA
VirtualProtectEx
WaitForSingleObject
SleepEx
WriteProcessMemory
GetSystemTime
ReadFile
LoadLibraryExA
WaitForSingleObject
GetStartupInfoA
ReleaseMutex
ReadFile
SleepEx
ReadProcessMemory
GetSystemTime
ReadFile
TerminateProcess
GetStartupInfoA
GetStartupInfoA
LoadLibraryExW
LoadLibraryExA
LoadLibraryExA
VirtualProtect
ReadProcessMemory
Sleep
WriteProcessMemory
CreateProcessA
CreateProcessW
LoadLibraryExW
Sleep
Sleep
CreateFileA
LoadLibraryA
ReleaseMutex
LoadLibraryA
WriteProcessMemory
GetSystemTimeAsFileTime
LoadLibraryExA
SleepEx
LoadLibraryExA
GetStartupInfoW
LoadLibraryExA
ReleaseMutex
CreateFileA
ReadProcessMemory
LoadLibraryExW
CreateFileA
GetStartupInfoW
Sleep
CreateProcessA
ReadProcessMemory
CreateFileA
SleepEx
CreateProcessA
LoadLibraryA
LoadLibraryExW
GetStartupInfoW
GetSystemTime
LoadLibraryExW
Sleep
VirtualProtect
LoadLibraryExA
CreateFileA
LoadLibraryA
ReadProcessMemory
ReleaseMutex
GetSystemTimeAsFileTime
LoadLibraryA
Sleep
GetStartupInfoW
VirtualProtect
GetStartupInfoA
VirtualProtectEx
GetSystemTimeAsFileTime
LoadLibraryExW
LoadLibraryExA
WriteProcessMemory
WriteProcessMemory
SleepEx
GetSystemTime
ReadProcessMemory
CreateFileA
WriteProcessMemory
VirtualProtectEx
WaitForSingleObject
ReleaseMutex
VirtualProtectEx
SleepEx
ReadProcessMemory
TerminateProcess
GetSystemTimeAsFileTime
VirtualProtect
CreateProcessA
SleepEx
CreateProcessW
TerminateProcess
WriteProcessMemory
VirtualProtect
GetStartupInfoA
VirtualProtect
LoadLibraryA
LoadLibraryA
GetSystemTime
VirtualProtectEx
CreateProcessA
VirtualProtectEx
VirtualProtect
VirtualProtect
CreateProcessA
LoadLibraryExA
GetStartupInfoA
Sleep
ReadFile
ReleaseMutex
LoadLibraryExW
TerminateProcess
TerminateProcess
CreateProcessA
GetStartupInfoA
VirtualProtect
WriteProcessMemory
ReadProcessMemory
CreateProcessA
GetSystemTimeAsFileTime
CreateProcessA
ReadProcessMemory
CreateFileA
CreateFileA
TerminateProcess
CreateProcessA
ReadFile
GetStartupInfoW
LoadLibraryExW
ReadProcessMemory
WaitForSingleObject
CreateProcessA
SleepEx
Sleep
WriteProcessMemory
VirtualProtect
GetStartupInfoA
ReleaseMutex
WriteProcessMemory
WaitForSingleObject
VirtualProtect
ReadFile
Sleep
CreateFileA
LoadLibraryA
WaitForSingleObject
WriteProcessMemory
SleepEx
ReadFile
LoadLibraryA
VirtualProtect
LoadLibraryExA
ReadFile
VirtualProtectEx
Sleep
CreateProcessA
GetStartupInfoW
VirtualProtectEx
LoadLibraryA
SleepEx
GetStartupInfoW
LoadLibraryA
WaitForSingleObject
ReadProcessMemory
VirtualProtect
TerminateProcess
GetStartupInfoW
GetStartupInfoW
GetStartupInfoA
LoadLibraryExW
CreateFileA
ReadProcessMemory
GetStartupInfoA
CreateProcessW
SleepEx
CreateProcessA
CreateFileA
Sleep
Sleep
GetStartupInfoA
ReadProcessMemory
VirtualProtect
ReadFile
SleepEx
GetStartupInfoW
LoadLibraryExW
WaitForSingleObject
ReadFile
SleepEx
VirtualProtectEx
GetStartupInfoW
GetSystemTime
LoadLibraryA
WriteProcessMemory
LoadLibraryExA
ReadFile
ReleaseMutex
CreateProcessA
WriteProcessMemory
Sleep
ReadFile
LoadLibraryExA
CreateProcessW
ReadProcessMemory
CreateFileA
GetStartupInfoA
LoadLibraryExA
ReadFile
TerminateProcess
LoadLibraryExW
WriteProcessMemory
WriteProcessMemory
Sleep
Sleep
WaitForSingleObject
WaitForSingleObject
LoadLibraryA
CreateProcessW
VirtualProtect
ReadProcessMemory
GetSystemTime
LoadLibraryExA
GetSystemTime
LoadLibraryExW
GetStartupInfoA
SleepEx
TerminateProcess
WriteProcessMemory
SleepEx
GetSystemTime
GetSystemTimeAsFileTime
ReleaseMutex
LoadLibraryExW
LoadLibraryExW
CreateProcessA
LoadLibraryExW
CreateProcessW
LoadLibraryExA
WaitForSingleObject
VirtualProtectEx
LoadLibraryExA
GetSystemTime
ReleaseMutex
LoadLibraryExW
GetStartupInfoA
LoadLibraryA
TerminateProcess
ReadFile
ReadFile
VirtualProtect
CreateFileA
ReadFile
LoadLibraryExW
GetSystemTime
Sleep
GetSystemTimeAsFileTime
ReleaseMutex
GetSystemTimeAsFileTime
WaitForSingleObject
CreateProcessA
ReleaseMutex
CreateProcessA
LoadLibraryA
VirtualProtectEx
VirtualProtectEx
LoadLibraryExW
LoadLibraryExW
WriteProcessMemory
LoadLibraryA
CreateProcessW
ReadProcessMemory
LoadLibraryExA
CreateFileA
GetSystemTimeAsFileTime
GetStartupInfoW
CreateProcessW
GetStartupInfoW
TerminateProcess
ReadFile
LoadLibraryExW
CreateProcessA
ReadFile
WaitForSingleObject
WaitForSingleObject
GetStartupInfoA
GetStartupInfoW
GetStartupInfoA
WaitForSingleObject
CreateProcessA
CreateFileA
ReadProcessMemory
SleepEx
LoadLibraryA
GetSystemTime
GetStartupInfoA
SleepEx
GetStartupInfoW
CreateProcessA
VirtualProtect
GetSystemTimeAsFileTime
CreateFileA
CreateFileA
CreateProcessA
GetSystemTimeAsFileTime
WriteProcessMemory
LoadLibraryExA
ReadProcessMemory
GetSystemTimeAsFileTime
CreateProcessW
SleepEx
LoadLibraryExA
LoadLibraryExA
LoadLibraryExW
LoadLibraryExA
GetStartupInfoA
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
GetSystemTime
CreateProcessA
ReadProcessMemory
LoadLibraryA
VirtualProtect
TerminateProcess
CreateFileA
VirtualProtectEx
CreateProcessA
ReleaseMutex
VirtualProtectEx
GetSystemTime
LoadLibraryExW
LoadLibraryExW
CreateFileA
LoadLibraryExW
VirtualProtect
CreateProcessA
LoadLibraryA
ReadProcessMemory
ReadProcessMemory
ReadFile
ReleaseMutex
WriteProcessMemory
Sleep
ReadProcessMemory
TerminateProcess
GetStartupInfoW
Sleep
CreateProcessA
CreateProcessA
WriteProcessMemory
LoadLibraryExA
CreateProcessA
LoadLibraryExA
WriteProcessMemory
WriteProcessMemory
LoadLibraryExA
ReleaseMutex
GetSystemTime
CreateProcessW
Sleep
LoadLibraryExW
ReleaseMutex
ReleaseMutex
Sleep
ReleaseMutex
ReadProcessMemory
WaitForSingleObject
ReleaseMutex
LoadLibraryExA
ReadFile
GetStartupInfoW
CreateProcessA
LoadLibraryExA
TerminateProcess
VirtualProtectEx
VirtualProtectEx
SleepEx
VirtualProtectEx
LoadLibraryExW
VirtualProtect
WriteProcessMemory
VirtualProtectEx
GetStartupInfoA
ReadFile
VirtualProtectEx
CreateProcessA
TerminateProcess
TerminateProcess
LoadLibraryA
GetStartupInfoA
VirtualProtectEx
WriteProcessMemory
ReleaseMutex
CreateProcessA
CreateProcessA
LoadLibraryA
ReadProcessMemory
LoadLibraryA
GetStartupInfoA
Sections
.text Size: 183KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 20KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 139KB
IMAGE_SCN_MEM_READ