e844a7ee86d9aeb271094a4ec56fce4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e844a7ee86d9aeb271094a4ec56fce4e_JaffaCakes118
Size

453KB
MD5

e844a7ee86d9aeb271094a4ec56fce4e
SHA1

bc22bced4996357c67fbc9e360591aaabe09a9e7
SHA256

f0c23215c6950e78cf47694000ab017ca3d60804fb9340572f921bd528c9a808
SHA512

25b005eccc4d4111c6d6b3cf05d8bdd59ad0e45a13ffecf95d2a17bcad460b16919fa0c167eeec7047864f009f4c12e3d29ff786a663dcc0b780372513ef3d21
SSDEEP

12288:kAqfNfxH8HZDRSN1SRRH2Zb562xh6JXUYF7KOv:kAqftxH8HZDRSNcRRGJxh6JlF7KOv

Score

1^/10

Malware Config

Signatures

Files

e844a7ee86d9aeb271094a4ec56fce4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09befc97c3fee67899e52f78a296a81f

Code Sign

75:57:17:da:34:83:28:5d:b4:69:99:b1:2b:0c:81:1d
Certificate

Issuer

CN=wyxwhvarkdv

Not Before

30/11/2011, 19:19

Not After

28/07/2023, 22:00

Subject

CN=Mefaxit

d5:b7:37:f5:b8:a3:6d:b4:87:ac:a4:d3:64:39:28:b4:70:f8:ef:02
Signer

Actual PE Digest

d5:b7:37:f5:b8:a3:6d:b4:87:ac:a4:d3:64:39:28:b4:70:f8:ef:02

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
GetWindowRect
GetParent

ole32

OleCreateLinkToFile
CoLockObjectExternal
CoGetMarshalSizeMax
CoGetCurrentProcess

comctl32

CreateToolbarEx
ord5

shlwapi

StrCSpnA

kernel32

HeapReAlloc
LoadLibraryA
GetOEMCP
GetCPInfo
GetStringTypeW
LCMapStringW
VirtualAlloc
GetCurrentProcess
GetStringTypeA
MultiByteToWideChar
LCMapStringA
GetACP
VirtualQuery
OpenEventA
CopyFileA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 291KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09befc97c3fee67899e52f78a296a81f

Code Sign

75:57:17:da:34:83:28:5d:b4:69:99:b1:2b:0c:81:1dCertificate

d5:b7:37:f5:b8:a3:6d:b4:87:ac:a4:d3:64:39:28:b4:70:f8:ef:02Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

shlwapi

kernel32

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 291KB - Virtual size: 372KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 3KB

75:57:17:da:34:83:28:5d:b4:69:99:b1:2b:0c:81:1d
Certificate

d5:b7:37:f5:b8:a3:6d:b4:87:ac:a4:d3:64:39:28:b4:70:f8:ef:02
Signer

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 291KB - Virtual size: 372KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 3KB