2d889a29fb141833125c43f0e2babcd4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2d889a29fb141833125c43f0e2babcd4_JaffaCakes118
Size

142KB
MD5

2d889a29fb141833125c43f0e2babcd4
SHA1

a1c3204120494d16fb45b2a0c29b7fbf950eb2af
SHA256

1e4eb15b2275b43e6379be619fdaf02fd560531633276d34fbb83f2ad15ceec2
SHA512

fba5d4aff4caebe9a55e13d0497b59550c59689a80bcfd5ff50bec0e90d5075bc6f00be385fea2be4ec896563a8c669b18403608ba90ac05059f5e9facbb5628
SSDEEP

3072:JBdZSZEvvd/IrGyn0zjwOg2bwyaE51s0v:JPZU0vqQQOHbw/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d889a29fb141833125c43f0e2babcd4_JaffaCakes118

Files

2d889a29fb141833125c43f0e2babcd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e49a63ff645116a16b8055a30a810b36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetDCEx

gdi32

SetROP2

kernel32

SleepEx
CreateProcessA
WriteProcessMemory
GetSystemTime
SleepEx
WriteProcessMemory
WaitForSingleObject
GetSystemTime
WriteProcessMemory
WaitForSingleObject
WaitForSingleObject
ReadProcessMemory
LoadLibraryExA
GetStartupInfoW
GetStartupInfoW
LoadLibraryExA
CreateProcessA
ReleaseMutex
GetSystemTimeAsFileTime
ReadProcessMemory
VirtualProtectEx
LoadLibraryA
DeviceIoControl
DeviceIoControl
LoadLibraryExW
WriteProcessMemory
Sleep
WriteProcessMemory
Sleep
TerminateProcess
SleepEx
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetCommandLineA
TlsGetValue
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
LoadLibraryA
CreateProcessA
ReleaseMutex
ReleaseMutex
VirtualProtectEx
Sleep
WaitForSingleObjectEx
SleepEx
GetSystemTimeAsFileTime
ReleaseMutex
WaitForSingleObject
WaitForSingleObjectEx
Sleep
SleepEx
LoadLibraryExW
TerminateProcess
WaitForSingleObjectEx
Sleep
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetSystemTime
TerminateProcess
Sleep
ReadProcessMemory
ReleaseMutex
LoadLibraryA
GetStartupInfoA
ReadFile
LoadLibraryExW
WaitForSingleObject
LoadLibraryA
GetStartupInfoW
ReleaseMutex
DeviceIoControl
GetSystemTime
ReadProcessMemory
CreateProcessW
Sleep
SleepEx
SleepEx
LoadLibraryExW
GetSystemTimeAsFileTime
WriteProcessMemory
GetSystemTime
ReadFile
ReadProcessMemory
WaitForSingleObject
SleepEx
ReadProcessMemory
TerminateProcess
ReleaseMutex
CreateFileA
GetSystemTime
WaitForSingleObjectEx
WaitForSingleObject
TerminateProcess
WaitForSingleObject
ReadProcessMemory
DeviceIoControl
DeviceIoControl
DeviceIoControl
GetSystemTimeAsFileTime
DeviceIoControl
ReleaseMutex
CreateProcessW
CreateFileA
ReadFile
LoadLibraryA
DeviceIoControl
GetStartupInfoA
WaitForSingleObjectEx
GetStartupInfoW
DeviceIoControl
GetStartupInfoA
DeviceIoControl
DeviceIoControl
WaitForSingleObject
CreateFileA
ReleaseMutex
LoadLibraryExW
GetStartupInfoA
VirtualProtect
TerminateProcess
CreateFileA
GetSystemTimeAsFileTime
TerminateProcess
VirtualProtect
ReadProcessMemory
CreateProcessW
WaitForSingleObject
GetSystemTime
ReadProcessMemory
CreateProcessA
LoadLibraryA
CreateFileA
CreateFileA
GetSystemTimeAsFileTime
GetStartupInfoW
VirtualProtectEx
VirtualProtectEx
GetSystemTime
ReadFile
VirtualProtectEx
ReadFile
LoadLibraryA
GetStartupInfoA
GetStartupInfoA
WaitForSingleObject
GetSystemTime
SleepEx
GetSystemTimeAsFileTime
VirtualProtect
TerminateProcess
WriteProcessMemory
VirtualProtect
GetStartupInfoW
CreateProcessW
GetSystemTime
LoadLibraryExW
DeviceIoControl
ReadProcessMemory
GetStartupInfoW
LoadLibraryExW
ReadProcessMemory
WaitForSingleObject
Sleep
TerminateProcess
WaitForSingleObject
ReadProcessMemory
WaitForSingleObject
ReadProcessMemory

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e49a63ff645116a16b8055a30a810b36

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 10KB - Virtual size: 12KB

.itext Size: 116KB - Virtual size: 120KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 12KB

.itext
Size: 116KB - Virtual size: 120KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB