2e88921f0b8fb0575feddab940bf6332_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e88921f0b8fb0575feddab940bf6332_JaffaCakes118
Size

654KB
MD5

2e88921f0b8fb0575feddab940bf6332
SHA1

f7164e956d9825717af21a92938c46198bbcee35
SHA256

735968e6aa65eedf75d37b006640ae6900232f3decb474ab69a57f0fdf024ad4
SHA512

25d655397818877759421bdcd73f9cc2c05db64f32f2b58b9b0450c6cfd012645c72b7cfa88a5f59445c249168adc443d9775a4dc8cc8dbfd868aa2ac7eb6bdb
SSDEEP

12288:gcanfZvYc7eWJb6NUmCZgJwQLYBkBNiFbpBi8n3NDWN8UfEfi3:g5n2cyHbheQLzYzBi8390Vb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e88921f0b8fb0575feddab940bf6332_JaffaCakes118

Files

2e88921f0b8fb0575feddab940bf6332_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72ffb62ae5db7730c6b4c4c9e4a98c7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WaitForSingleObject
ReadFile
CreateFileA
TerminateProcess
GetStartupInfoA
GetSystemTime
CreateFileA
LoadLibraryA
LoadLibraryExW
SleepEx
GetSystemTime
CreateProcessW
WriteProcessMemory
CreateFileA
LoadLibraryExW
Sleep
LoadLibraryExA
ReleaseMutex
WaitForSingleObjectEx
GetStartupInfoW
WaitForSingleObject
DeviceIoControl
ReleaseMutex
GetSystemTime
VirtualProtectEx
WaitForSingleObject
ReadProcessMemory
Sleep
LoadLibraryA
TerminateProcess
CreateProcessW
GetProcAddress
FindFirstChangeNotificationW
GetLastError
LoadLibraryA
GetCurrentDirectoryA
GetHandleInformation
WaitForSingleObjectEx
WriteProcessMemory
CreateProcessW
VirtualProtect
ReadProcessMemory
SleepEx
VirtualProtect
GetStartupInfoA
VirtualProtectEx
TerminateProcess
DeviceIoControl
LoadLibraryExA
VirtualProtect
LoadLibraryExW
VirtualProtect
WaitForSingleObjectEx
WriteProcessMemory
GetStartupInfoA
GetSystemTime
ReleaseMutex
ReadProcessMemory
CreateProcessW
WaitForSingleObject
VirtualProtect
ReleaseMutex
ReadFile
CreateProcessW
WaitForSingleObject
GetSystemTimeAsFileTime
ReadProcessMemory
CreateProcessW
LoadLibraryA
WaitForSingleObject
DeviceIoControl
GetStartupInfoW
CreateProcessA
WaitForSingleObjectEx
DeviceIoControl
CreateProcessA
LoadLibraryExA
LoadLibraryA
ReadProcessMemory
LoadLibraryExW
WriteProcessMemory
CreateProcessA
ReleaseMutex
LoadLibraryA
WriteProcessMemory
SleepEx
WaitForSingleObjectEx
GetStartupInfoW
ReleaseMutex
VirtualProtectEx
LoadLibraryExA
DeviceIoControl
LoadLibraryExW
SleepEx
LoadLibraryA
ReadProcessMemory
ReadFile
LoadLibraryExA
ReadProcessMemory
ReadProcessMemory
ReadFile
SleepEx
WaitForSingleObject
GetStartupInfoA
DeviceIoControl
LoadLibraryExW
ReadProcessMemory
WriteProcessMemory
LoadLibraryExW
TerminateProcess
WriteProcessMemory
WriteProcessMemory
GetSystemTimeAsFileTime
LoadLibraryExW
CreateFileA
GetSystemTime
WaitForSingleObjectEx
LoadLibraryExW
ReleaseMutex
WaitForSingleObject
CreateFileA
GetSystemTime
GetSystemTime
GetSystemTime
ReleaseMutex
CreateFileA
GetSystemTime
WaitForSingleObjectEx
WaitForSingleObject
GetStartupInfoA
DeviceIoControl
GetSystemTime
LoadLibraryA
CreateFileA
GetStartupInfoA
CreateProcessA
ReadProcessMemory
CreateProcessW
SleepEx
WaitForSingleObjectEx
SleepEx
VirtualProtectEx
CreateFileA
LoadLibraryExW
TerminateProcess
ReadFile
Sleep
GetSystemTimeAsFileTime
SleepEx
WaitForSingleObjectEx
CreateProcessW
WaitForSingleObject
CreateFileA
GetSystemTimeAsFileTime
CreateProcessA
GetStartupInfoA
GetStartupInfoA
CreateProcessA
CreateProcessA
CreateProcessW
WriteProcessMemory
GetStartupInfoW
Sleep
CreateFileA
WaitForSingleObjectEx
TerminateProcess
ReadFile
DeviceIoControl
CreateFileA
GetStartupInfoA
ReleaseMutex
VirtualProtect
ReadFile
GetStartupInfoW
GetStartupInfoA
VirtualProtectEx
GetSystemTimeAsFileTime
CreateFileA
SleepEx
GetStartupInfoA
VirtualProtect
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
VirtualProtectEx
CreateFileA
Sleep
TerminateProcess
Sleep

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.idata
Size: 633KB - Virtual size: 636KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72ffb62ae5db7730c6b4c4c9e4a98c7d

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 6KB - Virtual size: 8KB

.rdata Size: 9KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.idata Size: 633KB - Virtual size: 636KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 8KB

.rdata
Size: 9KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.idata
Size: 633KB - Virtual size: 636KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB