1446152ae980d269c97a74967ea155b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1446152ae980d269c97a74967ea155b7_JaffaCakes118
Size

100KB
MD5

1446152ae980d269c97a74967ea155b7
SHA1

801edc465fe5ab6a6eb1b0c6e85bdaa5a84b32aa
SHA256

6b5b2384886f00a5282156b8972a0fa8a625b11c9641c54c0e700c11ebff5483
SHA512

fcd025cf609b47d9f14fdc3148639d5704bbe7580186102d006b2c4ed141f4c83b37d503c8856ab10f0e7a2a4ea16a8fa42c1ce668949ebca453155429a99a1d
SSDEEP

3072:lZtkgBk1nZOVCewvn450LzeXMM5ZZ48oua:lMgW1neyv450LS8Az48o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1446152ae980d269c97a74967ea155b7_JaffaCakes118

Files

1446152ae980d269c97a74967ea155b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2fa50267c133473fd3c3d5fb4ef141b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryExW
VirtualProtectEx
GetStartupInfoW
ReadFile
VirtualProtect
WriteProcessMemory
LoadLibraryExW
GetSystemTime
ReadFile
DeviceIoControl
CreateProcessW
ReleaseMutex
CreateProcessW
SleepEx
LoadLibraryExA
LoadLibraryExA
ReleaseMutex
Sleep
WriteProcessMemory
GetStartupInfoA
LoadLibraryExA
LoadLibraryA
CreateProcessW
ReadFile
TerminateProcess
ReleaseMutex
CreateProcessA
LoadLibraryExA
GetSystemTimeAsFileTime
GetStartupInfoW
DeviceIoControl
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
GetHandleInformation
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
TerminateProcess
WaitForSingleObject
WriteProcessMemory
GetSystemTimeAsFileTime
VirtualProtect
LoadLibraryExA
WaitForSingleObjectEx
TerminateProcess
LoadLibraryExA
SleepEx
VirtualProtectEx
VirtualProtect
GetSystemTime
CreateProcessA
GetSystemTimeAsFileTime
VirtualProtectEx
LoadLibraryA
ReadProcessMemory
GetSystemTime
Sleep
GetSystemTimeAsFileTime
LoadLibraryExW
WaitForSingleObjectEx
WriteProcessMemory
WriteProcessMemory
LoadLibraryExA
GetSystemTime
LoadLibraryA
Sleep
GetSystemTime
GetSystemTime
ReadFile
TerminateProcess
GetStartupInfoA
LoadLibraryA
VirtualProtectEx
GetStartupInfoA
WriteProcessMemory
Sleep
WaitForSingleObject
LoadLibraryA
WaitForSingleObject
LoadLibraryExW
CreateProcessA
WaitForSingleObject
LoadLibraryExA
LoadLibraryA
SleepEx
LoadLibraryExW
ReadProcessMemory
LoadLibraryA
GetStartupInfoA
DeviceIoControl
Sleep
LoadLibraryExA
TerminateProcess
LoadLibraryA
VirtualProtectEx
CreateProcessW
Sleep
WaitForSingleObject
VirtualProtect
LoadLibraryA
WriteProcessMemory
CreateFileA
CreateProcessW
TerminateProcess
WaitForSingleObject
CreateProcessW
GetSystemTime
VirtualProtect
LoadLibraryExA
ReleaseMutex
ReleaseMutex
ReleaseMutex
LoadLibraryExW
GetStartupInfoW
GetStartupInfoW
CreateProcessW
ReadProcessMemory
TerminateProcess
VirtualProtectEx
VirtualProtect
CreateProcessA
LoadLibraryA
GetSystemTime
VirtualProtect
WaitForSingleObject
VirtualProtectEx
WaitForSingleObjectEx
WaitForSingleObject
WaitForSingleObjectEx
ReadProcessMemory
CreateProcessW
SleepEx
ReadFile
ReleaseMutex
ReadFile
VirtualProtectEx
GetStartupInfoA
ReadProcessMemory
WriteProcessMemory
WaitForSingleObject
GetStartupInfoW
CreateFileA
CreateProcessA
SleepEx
GetSystemTime
VirtualProtect
CreateProcessW
CreateProcessW
CreateProcessW
LoadLibraryExW
VirtualProtectEx
CreateProcessA
GetStartupInfoW
LoadLibraryExW
LoadLibraryA
WriteProcessMemory
WaitForSingleObjectEx
WriteProcessMemory
LoadLibraryExW
Sleep
LoadLibraryA
GetStartupInfoW
Sleep
ReadFile
WriteProcessMemory
WaitForSingleObjectEx
GetSystemTimeAsFileTime
Sleep

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2fa50267c133473fd3c3d5fb4ef141b

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 4KB

.data Size: 77KB - Virtual size: 80KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 77KB - Virtual size: 80KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB