fa31f8a4612b6248d9c9bdfb4f1cee8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa31f8a4612b6248d9c9bdfb4f1cee8d_JaffaCakes118
Size

130KB
MD5

fa31f8a4612b6248d9c9bdfb4f1cee8d
SHA1

0c3b1744dee533d9d53cdcb1b0ea2c18aa718dff
SHA256

a7efc48d1f6fdb25563682fd3fd811d31b0d5f9a34188493344c9761f9924b45
SHA512

e65b1c39c955072ea30a2b1f35a30c19cb8c4107a1c6419f768ac1e3f30dffd9768630671f1f6778a4204f1f2d22d0c7286de85e33394b1f3bd81d8d6ba7434a
SSDEEP

3072:GjAOa9CVCCG7t38qdNdkb9VWnnAxkQlyZn4NkRPa5agwp:GjAO9VgokQly14awa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa31f8a4612b6248d9c9bdfb4f1cee8d_JaffaCakes118

Files

fa31f8a4612b6248d9c9bdfb4f1cee8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

508d931e751803e01e9026d57dc4d542

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetSystemTime
ReleaseMutex
WaitForSingleObject
GetSystemTime
CreateFileA
LoadLibraryExW
VirtualProtect
LoadLibraryA
VirtualProtectEx
ReadProcessMemory
GetStartupInfoW
GetSystemTime
WaitForSingleObject
GetStartupInfoA
CreateProcessW
TerminateProcess
GetSystemTimeAsFileTime
ReadProcessMemory
GetStartupInfoA
GetStartupInfoW
WaitForSingleObject
WriteProcessMemory
VirtualProtectEx
WaitForSingleObjectEx
WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
ReadProcessMemory
ReadFile
WaitForSingleObject
WaitForSingleObjectEx
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
ReadProcessMemory
CreateFileA
WaitForSingleObjectEx
DeviceIoControl
ReadProcessMemory
WriteProcessMemory
GetSystemTime
VirtualProtectEx
LoadLibraryExA
LoadLibraryExA
GetSystemTime
Sleep
CreateFileA
ReadProcessMemory
GetSystemTimeAsFileTime
WaitForSingleObject
WaitForSingleObject
WaitForSingleObjectEx
WaitForSingleObjectEx
ReadProcessMemory
WaitForSingleObjectEx
GetSystemTime
VirtualProtect
WriteProcessMemory
LoadLibraryExA
CreateFileA
ReadProcessMemory
VirtualProtectEx
CreateFileA
GetSystemTimeAsFileTime
ReleaseMutex
WriteProcessMemory
CreateProcessA
VirtualProtectEx
WriteProcessMemory
Sleep
LoadLibraryExW
CreateFileA
CreateFileA
GetStartupInfoA
CreateProcessW
ReadProcessMemory
LoadLibraryExA
CreateProcessW
SleepEx
CreateProcessA
SleepEx
ReleaseMutex
LoadLibraryExW
CreateFileA
ReadProcessMemory
VirtualProtect
ReleaseMutex
GetSystemTime
LoadLibraryExA
GetStartupInfoW
CreateFileA
ReadFile
LoadLibraryExA
DeviceIoControl
LoadLibraryA
SleepEx
VirtualProtect
CreateProcessW
CreateProcessW
GetStartupInfoA
VirtualProtectEx
WaitForSingleObject
WaitForSingleObject
TerminateProcess
LoadLibraryExA
VirtualProtectEx
GetStartupInfoA
DeviceIoControl
WaitForSingleObjectEx
WaitForSingleObject
LoadLibraryExW
VirtualProtect
WriteProcessMemory
GetSystemTime
GetStartupInfoW
SleepEx
CreateProcessW
ReadFile
CreateFileA
GetStartupInfoW
LoadLibraryA
CreateFileA
WriteProcessMemory
CreateFileA
LoadLibraryExA
SleepEx
CreateProcessA
ReleaseMutex
Sleep
CreateProcessA
GetSystemTimeAsFileTime
VirtualProtectEx
WriteProcessMemory
VirtualProtectEx
ReadFile
GetStartupInfoA
TerminateProcess
GetStartupInfoW
Sleep
CreateProcessA
CreateFileA
LoadLibraryExA
ReadProcessMemory
CreateFileA
ReadProcessMemory
SleepEx
LoadLibraryA
LoadLibraryA
VirtualProtectEx
VirtualProtectEx
CreateProcessW
GetStartupInfoW
ReadFile
LoadLibraryA
CreateProcessW
ReleaseMutex
SleepEx
VirtualProtect
SleepEx
WaitForSingleObjectEx
ReadFile
VirtualProtect
SleepEx
GetSystemTimeAsFileTime
ReadFile

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.itext
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

508d931e751803e01e9026d57dc4d542

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 7KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.itext Size: 109KB - Virtual size: 112KB

.rsrc Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.itext
Size: 109KB - Virtual size: 112KB

.rsrc
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB