820bab8512636c94366696c816144fa9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

820bab8512636c94366696c816144fa9_JaffaCakes118
Size

118KB
MD5

820bab8512636c94366696c816144fa9
SHA1

144bf5fe3c09cfe33941bd92a53912580845a8dc
SHA256

52721cb47809b07d80eb27de719334b5acbabf727f1fb9f428e519afc68cda6b
SHA512

9520d41f84dc5e9cf5e6bdc5804db7fbc3c7c8869bf1ab4fb3ed2455135e6f4c117bb10e1a0ca9771d153ea999ea31d5da47b3e5595b57579a8882f03ef99db7
SSDEEP

768:sgnwTojbNK1VYL7YynFU5CEuNca1DiEDOg3E4gW4OaYU5SGLEdqK0tAcut:sVoXnF+Aj1Py4E4g+fU51L0CtAcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
820bab8512636c94366696c816144fa9_JaffaCakes118

Files

820bab8512636c94366696c816144fa9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

101cfd674831dc5afb086f5021f755fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
TerminateProcess
WaitForSingleObject
GetTickCount
InterlockedIncrement
WriteFile
WaitForSingleObject
MultiByteToWideChar
lstrcpyW
GetACP
VirtualAlloc
GetModuleHandleW
VirtualFree
SetUnhandledExceptionFilter
TerminateProcess
GetProcessHeap
lstrcpyW
GetTickCount
Sleep
LoadLibraryA
SetEvent
LocalAlloc
UnhandledExceptionFilter
GetStartupInfoA
HeapFree
WriteFile
SetLastError
MultiByteToWideChar
SetLastError
GetTickCount
GetModuleHandleW
LocalFree
SetFilePointer
GetVersionExA
SetFilePointer
WaitForSingleObject
VirtualAlloc
LocalAlloc
lstrcmpiW
EnterCriticalSection
ReadFile
WaitForSingleObject
SetFilePointer
GetModuleHandleA
GetCurrentProcess
LocalFree
GetCommandLineA
GetModuleFileNameA
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
DeleteCriticalSection
Sleep
FreeLibrary
Sleep
VirtualFree
VirtualAlloc
GetProcAddress
SetEvent
GetACP
GetStartupInfoA
CreateFileW
GetModuleHandleA
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcessId
ExitProcess
TerminateProcess
EnterCriticalSection
LocalAlloc
TerminateProcess
GetCommandLineW
WideCharToMultiByte
InterlockedDecrement
GetACP
GetCommandLineW
LoadLibraryA
HeapDestroy
GetCommandLineW
HeapDestroy
TerminateProcess
GetLastError
GetTickCount
VirtualAlloc
GetStartupInfoA
QueryPerformanceCounter
TerminateProcess
LoadLibraryW
HeapAlloc
GetCurrentThreadId
ReadFile
CreateThread
ExitProcess
SetUnhandledExceptionFilter
HeapFree
VirtualFree
DeleteCriticalSection
InterlockedDecrement
HeapReAlloc
LeaveCriticalSection
GetLastError
lstrlenW
CreateThread
InterlockedIncrement
GetModuleFileNameA
VirtualFree
VirtualFree
ReadFile
lstrcmpiW
QueryPerformanceCounter
DeleteCriticalSection
HeapDestroy
QueryPerformanceCounter
SetEvent
HeapAlloc
LeaveCriticalSection
GetStartupInfoA
MultiByteToWideChar
InterlockedDecrement
lstrcpyW
ReadFile
GetCurrentThreadId
HeapDestroy
HeapAlloc
lstrcmpiW

Sections

.data
Size: 102KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

101cfd674831dc5afb086f5021f755fc

Headers

File Characteristics

Imports

kernel32

Sections

.data Size: 102KB - Virtual size: 120KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data
Size: 102KB - Virtual size: 120KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB