0fb531c7f6e841e36cefbaff58c70949_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0fb531c7f6e841e36cefbaff58c70949_JaffaCakes118
Size

5.9MB
MD5

0fb531c7f6e841e36cefbaff58c70949
SHA1

3d50ffcef573588c637020ce3f41dd13b14b35f4
SHA256

66d36ffbcdd8919b6527110a03fe917c1e47dac123778945305b3baa395631f0
SHA512

9c29540a4bd9a22f8f68e41a02c0935602afbd7c4db6171ae8fd45b2b3894d43a78d7c40d2908cf347923d34a7bb2b9b90d9c003996117c9f12ab7d648162eab
SSDEEP

6144:1PIpEvUeazs9JSMeyUPFlsy4SEUY3V2kz5t8FF9SSl9sciUNhK0:BIpqdaNMeyUPFlR4SEU+VpdITiU3b

Score

1^/10

Malware Config

Signatures

Files

0fb531c7f6e841e36cefbaff58c70949_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5648ee902884284c0765394653b8daaf

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

Issuer

CN=IOCRSIHZPSQUIZFOZQ

Not Before

09-09-2020 13:46

Not After

31-12-2039 23:59

Subject

CN=IOCRSIHZPSQUIZFOZQ

Extended Key Usages

ExtKeyUsageCodeSigning

4e:81:91:35:41:fa:c8:1d:a2:c2:4c:4d:4c:fc:c4:83:58:79:62:bd
Signer

Actual PE Digest

4e:81:91:35:41:fa:c8:1d:a2:c2:4c:4d:4c:fc:c4:83:58:79:62:bd

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
Sleep
GetModuleHandleW
VirtualAllocEx
CreateFileA
WaitForSingleObject
WriteFile
ReleaseMutex
CloseHandle
GetCurrentProcessId
CreateMutexA
GetProcessHeap
SetEndOfFile
GetLastError
MoveFileA
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
WideCharToMultiByte
GetTimeZoneInformation
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate

advapi32

GetUserNameA
RegOpenKeyW
RegQueryValueExA

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5648ee902884284c0765394653b8daaf

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6Certificate

Extended Key Usages

4e:81:91:35:41:fa:c8:1d:a2:c2:4c:4d:4c:fc:c4:83:58:79:62:bdSigner

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 133KB - Virtual size: 133KB

.text2 Size: 512B - Virtual size: 130B

.rdata Size: 512B - Virtual size: 306B

.data Size: 5.6MB - Virtual size: 5.6MB

.rsrc Size: 165KB - Virtual size: 164KB

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

4e:81:91:35:41:fa:c8:1d:a2:c2:4c:4d:4c:fc:c4:83:58:79:62:bd
Signer

.text
Size: 133KB - Virtual size: 133KB

.text2
Size: 512B - Virtual size: 130B

.rdata
Size: 512B - Virtual size: 306B

.data
Size: 5.6MB - Virtual size: 5.6MB

.rsrc
Size: 165KB - Virtual size: 164KB