f5eec77b7de837f5b6a57be1b80c7d38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5eec77b7de837f5b6a57be1b80c7d38_JaffaCakes118
Size

295KB
MD5

f5eec77b7de837f5b6a57be1b80c7d38
SHA1

2053e3e2afbea2f5e6c01189a4fcf90e3a4360a7
SHA256

062d1eb47c5428c931fa0fc952e94b265a17dc0f7ad087aa52729a9d961621e5
SHA512

239d3dd12822ba74a8ebe8402b67fc7e42a94e591485ad00ad4f394b5f8775031e66406cc16de0bb8d35ad03056141a5e4a287a1bc0ac3932f1b1a578db8927d
SSDEEP

6144:ZiGtsLqAlqNC+G+1PTG/qm/PgCnmUSFMhl48+M/oI299K5H:cGtsLht+v1PTEn/iUSFM88+rI2AZ

Score

1^/10

Malware Config

Signatures

Files

f5eec77b7de837f5b6a57be1b80c7d38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

Issuer

CN=5U84

Not Before

01/06/2012, 08:28

Not After

31/12/2039, 23:59

Subject

CN=5U84

Extended Key Usages

ExtKeyUsageCodeSigning

e8:4e:24:b9:7f:8d:71:6f:8a:84:c7:bb:0a:7b:0d:69:34:f6:4d:59
Signer

Actual PE Digest

e8:4e:24:b9:7f:8d:71:6f:8a:84:c7:bb:0a:7b:0d:69:34:f6:4d:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
CloseHandle
GetModuleHandleW
GetProcAddress

user32

GetDC
ReleaseDC
InvalidateRect
BeginPaint
ScrollWindow
EndPaint
PostQuitMessage
DefWindowProcA

gdi32

GetStockObject
SelectObject
GetTextMetricsA
SetBkMode
TextOutA

advapi32

RegCloseKey

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1Certificate

Extended Key Usages

e8:4e:24:b9:7f:8d:71:6f:8a:84:c7:bb:0a:7b:0d:69:34:f6:4d:59Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 266KB - Virtual size: 266KB

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 280B

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

e8:4e:24:b9:7f:8d:71:6f:8a:84:c7:bb:0a:7b:0d:69:34:f6:4d:59
Signer

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 266KB - Virtual size: 266KB

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 280B