d0be1525a1081e8726cfef6fd2dfd2cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0be1525a1081e8726cfef6fd2dfd2cb_JaffaCakes118
Size

172KB
MD5

d0be1525a1081e8726cfef6fd2dfd2cb
SHA1

f5c6cbc841488565393cf082c86d1396fd54099f
SHA256

a451e4c5b371c12eb376b91857cee8af0cd3369d3e48f1eabef36ddc3cc302c0
SHA512

5c517d3b07e7f09b303a9745bf8eb4b5c8a56af4b6527d0eb4f8edbc329831cd38ddd384c555d45a5a3f7af70feb949efd88e606ac9a7e5f42a2a06744b2413e
SSDEEP

3072:Y9r+zSx+dI4pbLStyd1TLxUUsOxTvOxCsEsQ:YTV4DdtxUUs4TvOxb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0be1525a1081e8726cfef6fd2dfd2cb_JaffaCakes118

Files

d0be1525a1081e8726cfef6fd2dfd2cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17b38119cd01a5af04a8a58041c49dbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetDCEx

gdi32

SetROP2

kernel32

GetStartupInfoA
DeviceIoControl
Sleep
ReleaseMutex
WriteProcessMemory
ReadFile
CreateProcessA
DeviceIoControl
CreateProcessW
SleepEx
VirtualProtectEx
ReadFile
GetSystemTime
GetSystemTime
GetSystemTimeAsFileTime
CreateProcessW
LoadLibraryA
WaitForSingleObjectEx
SleepEx
LoadLibraryExA
WriteProcessMemory
GetStartupInfoA
GetSystemTime
LoadLibraryA
DeviceIoControl
ReadProcessMemory
GetSystemTimeAsFileTime
SleepEx
ReadFile
VirtualProtect
DeviceIoControl
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetCommandLineA
TlsGetValue
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
GetStartupInfoW
CreateProcessA
CreateProcessA
GetSystemTime
GetSystemTimeAsFileTime
LoadLibraryExA
LoadLibraryExW
TerminateProcess
VirtualProtect
LoadLibraryExA
GetStartupInfoA
VirtualProtect
CreateProcessA
DeviceIoControl
WriteProcessMemory
GetSystemTime
VirtualProtectEx
GetSystemTime
GetStartupInfoA
WriteProcessMemory
LoadLibraryExW
WaitForSingleObject
LoadLibraryExA
DeviceIoControl
GetStartupInfoW
WaitForSingleObject
LoadLibraryExA
CreateProcessA
LoadLibraryA
GetStartupInfoW
Sleep
LoadLibraryExW
LoadLibraryA
CreateProcessA
WriteProcessMemory
CreateProcessW
Sleep
ReleaseMutex
LoadLibraryA
LoadLibraryExW
ReadProcessMemory
CreateFileA
LoadLibraryExA
GetStartupInfoA
SleepEx
VirtualProtectEx
VirtualProtect
WaitForSingleObject
LoadLibraryExW
VirtualProtect
LoadLibraryA
LoadLibraryExA
WaitForSingleObject
CreateProcessW
WaitForSingleObject
LoadLibraryA
ReadFile
Sleep
ReadProcessMemory
CreateProcessA
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
LoadLibraryA
Sleep
Sleep
DeviceIoControl
CreateProcessW
WaitForSingleObject
WaitForSingleObjectEx
LoadLibraryExW
ReadProcessMemory
CreateProcessW
CreateProcessW
ReleaseMutex
CreateFileA
TerminateProcess
TerminateProcess
TerminateProcess
ReleaseMutex
Sleep
GetSystemTime
VirtualProtectEx
WaitForSingleObject
GetStartupInfoW
GetSystemTime
CreateProcessW
VirtualProtectEx
WaitForSingleObject
LoadLibraryExW
ReadFile
TerminateProcess
CreateProcessW
CreateProcessA
ReleaseMutex
ReadProcessMemory
GetStartupInfoW
WaitForSingleObjectEx
ReleaseMutex
LoadLibraryExW
VirtualProtectEx
Sleep
SleepEx
VirtualProtectEx
WaitForSingleObjectEx
LoadLibraryExW
CreateProcessW
GetSystemTime
VirtualProtect
WaitForSingleObject
LoadLibraryExA
GetSystemTimeAsFileTime
VirtualProtectEx
CreateFileA
ReleaseMutex
DeviceIoControl
DeviceIoControl
WaitForSingleObjectEx
LoadLibraryA
GetStartupInfoA
GetSystemTimeAsFileTime
DeviceIoControl
LoadLibraryA
ReadFile
WaitForSingleObjectEx
GetSystemTime
WaitForSingleObject
ReadProcessMemory
DeviceIoControl
GetStartupInfoA
GetStartupInfoA
LoadLibraryExA

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17b38119cd01a5af04a8a58041c49dbe

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 10KB - Virtual size: 12KB

.itext Size: 146KB - Virtual size: 148KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 12KB

.itext
Size: 146KB - Virtual size: 148KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB