ecabd3ec9f84cf32016189d73d0f2e73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ecabd3ec9f84cf32016189d73d0f2e73_JaffaCakes118
Size

305KB
MD5

ecabd3ec9f84cf32016189d73d0f2e73
SHA1

fc196ac3059a51773a5a93a972c026429b3165fb
SHA256

23202e4a146585d3679fc08827019f897989ed1b09a979dbc5020d7d30e2eb35
SHA512

02136dca075e0fa16c1a9e1fdb49e0239bdd940c97c4997f6c53dcb631cdcead217b2beafafd9f2afbe54bc369d935eed7fa8cb589578878b856644b816fbfe9
SSDEEP

3072:65Gqm2PvynXdFlHEMO62IvxszK8JhIkPEAV6HcpIMwm1ohCs9kTj6yuI:65GqdynXduIPOhXEAY9ZmuSTj6y7

Score

1^/10

Malware Config

Signatures

Files

ecabd3ec9f84cf32016189d73d0f2e73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4030a75029b01ea76b13a059ea06f6c5

Code Sign

9a:e3:7a:55:37:f1:b6:82:c0:2a:83:5b:cc:61:e4:c9
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/07/2013, 00:00

Not After

24/07/2016, 23:59

Subject

CN=Daniel Hareuveni,O=Daniel Hareuveni,POSTALCODE=6958301,STREET=Yair Rozenblum 15,L=Tel aviv,ST=Israel,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

67:24:24:32:44:9c:71:44:f9:94:84:fd:c5:e7:8c:56:cb:0a:9b:3e
Signer

Actual PE Digest

67:24:24:32:44:9c:71:44:f9:94:84:fd:c5:e7:8c:56:cb:0a:9b:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
MapViewOfFileEx
LocalAlloc
GetModuleHandleW
VirtualAllocEx
GetCommandLineA
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EnterCriticalSection
LeaveCriticalSection
HeapFree
Sleep
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4030a75029b01ea76b13a059ea06f6c5

Code Sign

9a:e3:7a:55:37:f1:b6:82:c0:2a:83:5b:cc:61:e4:c9Certificate

Extended Key Usages

Key Usages

67:24:24:32:44:9c:71:44:f9:94:84:fd:c5:e7:8c:56:cb:0a:9b:3eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 23KB

.data2 Size: 24KB - Virtual size: 23KB

.data1 Size: 44KB - Virtual size: 44KB

.data3 Size: 35KB - Virtual size: 34KB

.rsrc Size: 98KB - Virtual size: 98KB

.reloc Size: 5KB - Virtual size: 5KB

9a:e3:7a:55:37:f1:b6:82:c0:2a:83:5b:cc:61:e4:c9
Certificate

67:24:24:32:44:9c:71:44:f9:94:84:fd:c5:e7:8c:56:cb:0a:9b:3e
Signer

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 23KB

.data2
Size: 24KB - Virtual size: 23KB

.data1
Size: 44KB - Virtual size: 44KB

.data3
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 98KB - Virtual size: 98KB

.reloc
Size: 5KB - Virtual size: 5KB