635098ca0033a2faf3aaa3ca0cc6acbd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

635098ca0033a2faf3aaa3ca0cc6acbd_JaffaCakes118
Size

60KB
MD5

635098ca0033a2faf3aaa3ca0cc6acbd
SHA1

cf87785e0be6b461c375d2e028a4f5ceea7fb38e
SHA256

8d4300e906d9fdb9b0567c1b6434bc2874d5e021d942b9bd08f1fc2fd69d7af7
SHA512

d3e23f381637cd136269d1a4aa638a9636b21be2f72dcedfa3f06bda5c21f0278a018c1402f5944500d5869539502d02d170c08982a9e93adfa2f46316ca1765
SSDEEP

768:i2jlEcCmcCM+UL8KL+LbwErLNSeQDKjZ/olx6DNqvHMqXRkEZUKiIYbBTK7h:iqXCjCMBf+LbLph53QkKiHbBT2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
635098ca0033a2faf3aaa3ca0cc6acbd_JaffaCakes118

Files

635098ca0033a2faf3aaa3ca0cc6acbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a90a2f262ef38522e84501a0214e8b28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualProtectEx
ReadProcessMemory
ReadProcessMemory
ReleaseMutex
LoadLibraryA
ReadProcessMemory
ReadProcessMemory
WaitForSingleObjectEx
LoadLibraryA
VirtualProtect
Sleep
TerminateProcess
GetStartupInfoW
LoadLibraryExW
CreateFileA
GetSystemTimeAsFileTime
GetStartupInfoW
GetSystemTime
GetSystemTimeAsFileTime
LoadLibraryA
ReadFile
WaitForSingleObject
CreateProcessA
WaitForSingleObject
GetStartupInfoA
DeviceIoControl
GetSystemTime
LoadLibraryExW
LoadLibraryExW
DeviceIoControl
TerminateProcess
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
GetStartupInfoW
VirtualProtect
VirtualProtectEx
CreateFileA
GetSystemTimeAsFileTime
LoadLibraryExW
LoadLibraryExW
VirtualProtect
CreateProcessW
TerminateProcess
CreateProcessW
CreateProcessW
CreateProcessW
GetSystemTime
ReadProcessMemory
LoadLibraryExA
Sleep
WaitForSingleObject
ReadFile
WaitForSingleObject
GetStartupInfoA
WaitForSingleObjectEx
CreateProcessA
CreateFileA
Sleep
VirtualProtectEx
LoadLibraryExW
GetStartupInfoW
GetSystemTimeAsFileTime
CreateProcessA
GetStartupInfoW
TerminateProcess
WriteProcessMemory
LoadLibraryA
SleepEx
WaitForSingleObject
TerminateProcess
WriteProcessMemory
GetSystemTime
DeviceIoControl
GetStartupInfoA
LoadLibraryExW
CreateFileA
WaitForSingleObject
VirtualProtectEx
CreateFileA
CreateProcessA
LoadLibraryExW
WaitForSingleObjectEx
WaitForSingleObjectEx
LoadLibraryA
WriteProcessMemory
CreateFileA
WaitForSingleObject
GetStartupInfoW
WaitForSingleObjectEx
TerminateProcess
LoadLibraryA
DeviceIoControl
GetSystemTimeAsFileTime
ReadFile
WriteProcessMemory
VirtualProtect
SleepEx
ReadFile
SleepEx
CreateFileA
TerminateProcess
WaitForSingleObject
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
GetSystemTime
TerminateProcess
ReleaseMutex
WriteProcessMemory
LoadLibraryExA
ReadFile
TerminateProcess
CreateProcessW
VirtualProtectEx
ReleaseMutex
CreateProcessW
TerminateProcess
ReleaseMutex
GetStartupInfoW
ReleaseMutex
DeviceIoControl
GetStartupInfoA
SleepEx
CreateProcessW
VirtualProtectEx
VirtualProtect
WriteProcessMemory
CreateProcessW
GetStartupInfoW
ReadProcessMemory
CreateFileA
Sleep
ReadFile
SleepEx
LoadLibraryA
VirtualProtectEx
GetSystemTimeAsFileTime
CreateProcessW
WaitForSingleObject
Sleep
WaitForSingleObjectEx
SleepEx
ReadFile
WaitForSingleObject
GetStartupInfoW
SleepEx
VirtualProtect
TerminateProcess
LoadLibraryA
LoadLibraryA
CreateProcessA
SleepEx
LoadLibraryExW
LoadLibraryA
GetStartupInfoW
LoadLibraryExA
VirtualProtectEx
LoadLibraryA
CreateFileA
WaitForSingleObjectEx
LoadLibraryExA
ReadProcessMemory
TerminateProcess
LoadLibraryExA
Sleep

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.itext
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a90a2f262ef38522e84501a0214e8b28

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 7KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.itext Size: 38KB - Virtual size: 40KB

.rsrc Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.itext
Size: 38KB - Virtual size: 40KB

.rsrc
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB