dbeb93a026947787fd98e479ece8e4b4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dbeb93a026947787fd98e479ece8e4b4_JaffaCakes118
Size

140KB
MD5

dbeb93a026947787fd98e479ece8e4b4
SHA1

cf496a9c10c98729b49ba567a931fdfdeaed62a7
SHA256

2144c035342abb8ee7a4859532ee25901f931b9006db92d407f33bcf3acf7fb0
SHA512

6e56896c6a770388cb855f36ac2862289a2143538144d87bc4b4675978fc0ae39812075c60f83d7a3dd784e03dd67681e2f0478593eb5ccc62f6286bc1a65938
SSDEEP

1536:+NT2yUG9bIk6Xzx9W+eKqOs4pG38hZUYon2o7E5VrY243Yn/PoOcfb:+Y/8bLWbWZKa4pY8hZUYon2biYIRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbeb93a026947787fd98e479ece8e4b4_JaffaCakes118

Files

dbeb93a026947787fd98e479ece8e4b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

737d75cf64c02443fe331df8f6b84dab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeviceIoControl
LoadLibraryA
VirtualProtectEx
GetSystemTime
VirtualProtectEx
CreateProcessW
DeviceIoControl
DeviceIoControl
VirtualProtect
ReadProcessMemory
TerminateProcess
WaitForSingleObjectEx
WaitForSingleObjectEx
GetStartupInfoW
VirtualProtect
ReadFile
SleepEx
WaitForSingleObjectEx
ReleaseMutex
ReleaseMutex
VirtualProtect
CreateProcessA
ReleaseMutex
VirtualProtect
SleepEx
VirtualProtect
LoadLibraryA
LoadLibraryA
Sleep
LoadLibraryExW
CreateProcessW
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
GetHandleInformation
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
CreateProcessW
SleepEx
GetStartupInfoA
CreateFileA
CreateProcessW
ReadProcessMemory
GetStartupInfoA
SleepEx
DeviceIoControl
LoadLibraryA
Sleep
GetSystemTimeAsFileTime
WriteProcessMemory
DeviceIoControl
VirtualProtectEx
Sleep
ReadProcessMemory
GetSystemTimeAsFileTime
VirtualProtectEx
TerminateProcess
ReleaseMutex
VirtualProtectEx
SleepEx
LoadLibraryExW
ReadFile
Sleep
ReleaseMutex
LoadLibraryExW
CreateProcessW
GetStartupInfoA
GetSystemTime
DeviceIoControl
WaitForSingleObject
DeviceIoControl
GetSystemTime
ReadProcessMemory
CreateProcessW
GetStartupInfoW
CreateFileA
GetStartupInfoW
WaitForSingleObject
LoadLibraryExA
WaitForSingleObject
LoadLibraryExA
LoadLibraryExA
Sleep
WaitForSingleObject
GetStartupInfoW
GetStartupInfoA
GetSystemTimeAsFileTime
LoadLibraryExA
GetSystemTimeAsFileTime
VirtualProtectEx
LoadLibraryA
GetSystemTimeAsFileTime
Sleep
CreateProcessW
ReadProcessMemory
LoadLibraryExW
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
LoadLibraryExW
CreateProcessW
GetStartupInfoW
CreateProcessA
WaitForSingleObjectEx
ReadFile
WaitForSingleObject
WaitForSingleObjectEx
GetSystemTimeAsFileTime
ReadProcessMemory
GetSystemTimeAsFileTime
TerminateProcess
CreateProcessW
GetStartupInfoA
Sleep
CreateProcessW
CreateProcessA
Sleep
WaitForSingleObjectEx
CreateProcessA
TerminateProcess
Sleep
LoadLibraryExA
GetStartupInfoW
CreateFileA
GetStartupInfoW
LoadLibraryA
SleepEx
ReleaseMutex
VirtualProtect
CreateFileA
CreateProcessW
GetStartupInfoA
Sleep
GetStartupInfoW
WriteProcessMemory
VirtualProtect
WaitForSingleObjectEx
VirtualProtect
VirtualProtect
TerminateProcess
CreateProcessA
GetSystemTimeAsFileTime
ReadFile
Sleep
SleepEx
VirtualProtectEx
GetStartupInfoW
GetStartupInfoA
LoadLibraryExW
WriteProcessMemory
WaitForSingleObject
VirtualProtect
WaitForSingleObjectEx
ReadProcessMemory
CreateFileA
GetSystemTime
LoadLibraryA
ReadProcessMemory
ReleaseMutex
VirtualProtectEx
Sleep
VirtualProtectEx
CreateProcessA
CreateFileA
VirtualProtect
LoadLibraryExW
ReadFile
DeviceIoControl
WriteProcessMemory

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

737d75cf64c02443fe331df8f6b84dab

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 9KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.data Size: 117KB - Virtual size: 120KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 117KB - Virtual size: 120KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB