110a6813ebe5b825250e12b515f6b206_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

110a6813ebe5b825250e12b515f6b206_JaffaCakes118
Size

182KB
MD5

110a6813ebe5b825250e12b515f6b206
SHA1

1b3f054571ec00d80e4fbfddfd22b6729a1c944e
SHA256

6a3b8e31c424d27c584198709a0a6f59c900144ef770c6ae24e7d1db3bc3d1c3
SHA512

7ab4aef24ebf22dd6dc21d17362731c1b7a35425f288f5f7142b4c1fa1d2b7b779a5331e71e14632edd47cd624ca26b4871ce3e97176d3255258d75a970587fa
SSDEEP

3072:RkOeF52sRI9Hq8WPTcl68AASn5MzStswnfa7Vtquf0ZRYbwh2:2pCLHAu68AAAQSts+Q/Vf036wh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
110a6813ebe5b825250e12b515f6b206_JaffaCakes118

Files

110a6813ebe5b825250e12b515f6b206_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e09296cb6c3821bd42e1d22473f85522

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WaitForSingleObject
GetStartupInfoA
WriteProcessMemory
WriteProcessMemory
VirtualProtect
WaitForSingleObject
GetSystemTime
GetStartupInfoA
CreateFileA
VirtualProtectEx
LoadLibraryExA
SleepEx
LoadLibraryA
LoadLibraryExW
GetSystemTime
WaitForSingleObject
GetSystemTimeAsFileTime
ReadProcessMemory
SleepEx
CreateProcessW
GetStartupInfoA
ReadProcessMemory
VirtualProtect
LoadLibraryA
LoadLibraryA
LoadLibraryExA
LoadLibraryExA
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
LoadLibraryExW
ReleaseMutex
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
GetHandleInformation
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetSystemTimeAsFileTime
ReleaseMutex
GetSystemTime
GetStartupInfoA
WaitForSingleObject
GetStartupInfoA
ReadFile
CreateFileA
DeviceIoControl
WaitForSingleObject
DeviceIoControl
ReleaseMutex
WaitForSingleObjectEx
ReadProcessMemory
VirtualProtect
GetSystemTimeAsFileTime
LoadLibraryA
LoadLibraryExA
SleepEx
VirtualProtect
TerminateProcess
LoadLibraryA
SleepEx
GetSystemTime
LoadLibraryExW
GetStartupInfoA
CreateProcessW
CreateProcessA
VirtualProtectEx
LoadLibraryExA
VirtualProtect
CreateFileA
ReadProcessMemory
CreateProcessA
CreateProcessA
LoadLibraryExA
CreateProcessA
Sleep
VirtualProtectEx
WriteProcessMemory
WaitForSingleObjectEx
GetStartupInfoW
DeviceIoControl
TerminateProcess
ReadFile
VirtualProtect
VirtualProtect
Sleep
Sleep
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoW
Sleep
LoadLibraryExW
ReleaseMutex
Sleep
Sleep
ReadProcessMemory
WaitForSingleObjectEx
VirtualProtect
GetSystemTimeAsFileTime
CreateProcessA
GetStartupInfoA
ReleaseMutex
LoadLibraryA
GetSystemTime
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
SleepEx
WaitForSingleObjectEx
SleepEx
WaitForSingleObject
CreateProcessA
GetSystemTimeAsFileTime
WaitForSingleObjectEx
LoadLibraryExW
VirtualProtect
ReleaseMutex
GetStartupInfoW
WriteProcessMemory
VirtualProtect
ReleaseMutex
CreateProcessW
GetSystemTime
DeviceIoControl
CreateProcessA
SleepEx
Sleep
TerminateProcess
GetStartupInfoW
CreateProcessA
GetStartupInfoA
WaitForSingleObject
GetStartupInfoW
ReleaseMutex
VirtualProtectEx
WriteProcessMemory
GetStartupInfoW
VirtualProtect
GetStartupInfoA
ReleaseMutex
WriteProcessMemory
VirtualProtectEx
CreateProcessW
ReadFile
LoadLibraryExA
VirtualProtect
CreateProcessA
CreateProcessW
WriteProcessMemory
VirtualProtect
VirtualProtectEx
Sleep
VirtualProtectEx
CreateProcessA
DeviceIoControl
GetSystemTimeAsFileTime
ReadProcessMemory
LoadLibraryA
GetStartupInfoA
CreateProcessW
CreateProcessA
WriteProcessMemory
ReadProcessMemory
WaitForSingleObjectEx
LoadLibraryExA
WaitForSingleObject
GetStartupInfoA
VirtualProtect
CreateFileA
GetStartupInfoW
SleepEx
LoadLibraryA
WaitForSingleObjectEx
SleepEx
LoadLibraryExA
CreateProcessA
GetSystemTimeAsFileTime
VirtualProtectEx
GetStartupInfoA

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e09296cb6c3821bd42e1d22473f85522

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 6KB - Virtual size: 8KB

.rdata Size: 9KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 142KB - Virtual size: 144KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 8KB

.rdata
Size: 9KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 142KB - Virtual size: 144KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB