10ba3c8b1cb8e3d0b5c77c232ec0d2bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10ba3c8b1cb8e3d0b5c77c232ec0d2bf_JaffaCakes118
Size

5.5MB
MD5

10ba3c8b1cb8e3d0b5c77c232ec0d2bf
SHA1

fae0fb276616cc929a1f810ba4b723b80c11b781
SHA256

7fdd301d2329154a315871819e419227c72371523835cd775fc38eb085c1896a
SHA512

a6119b5eca50161d58d4aabe40a654644de862ea41fe0075c874b175a1ed07ec4be0c748d293457d08245202d9a70d7dfa16e3c5277cc7628ac0a7461bc5ee67
SSDEEP

98304:0iKGiNct1azQCWvL7Lxn2xFRtC4SyVTUGFE7O9dwO3Vy37F/l0LGP69T6Q1vwcIG:0PCcQhD7Lxn6L1dUGm7Wdb8/l0LJWgT

Score

1^/10

Malware Config

Signatures

Files

10ba3c8b1cb8e3d0b5c77c232ec0d2bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

353cc6a2c6745171bd187b7a93a69989

Code Sign

01
Certificate

Issuer

[email protected],O=VirtualboxLTDA,C=RJ

Not Before

10/01/2018, 20:48

Not After

10/01/2020, 20:48

Subject

[email protected],O=VirtualboxLTDA,C=RJ

f9:47:a4:41:3d:4e:8e:e7:78:d3:0b:c5:eb:75:5a:08:73:ab:39:70
Signer

Actual PE Digest

f9:47:a4:41:3d:4e:8e:e7:78:d3:0b:c5:eb:75:5a:08:73:ab:39:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantChangeType

advapi32

RegQueryInfoKeyW

user32

MapVirtualKeyW

kernel32

GetVersion
GetVersionExW
GetVersion
CompareStringW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

BitBlt

version

GetFileVersionInfoSizeW

netapi32

NetApiBufferFree

ole32

StringFromCLSID

comctl32

FlatSB_GetScrollPos

msvcrt

memcpy

shell32

ShellExecuteW

wininet

InternetCloseHandle

winspool.drv

DocumentPropertiesW

wsock32

send

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 76B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

353cc6a2c6745171bd187b7a93a69989

Code Sign

01Certificate

f9:47:a4:41:3d:4e:8e:e7:78:d3:0b:c5:eb:75:5a:08:73:ab:39:70Signer

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

netapi32

ole32

comctl32

msvcrt

shell32

wininet

winspool.drv

wsock32

Exports

Exports

Sections

.text Size: - Virtual size: 2.9MB

.itext Size: - Virtual size: 9KB

.data Size: - Virtual size: 72KB

.bss Size: - Virtual size: 27KB

.idata Size: - Virtual size: 17KB

.didata Size: - Virtual size: 2KB

.edata Size: - Virtual size: 158B

.tls Size: - Virtual size: 76B

.rdata Size: - Virtual size: 92B

.vmp0 Size: - Virtual size: 3.9MB

.vmp1 Size: 5.5MB - Virtual size: 5.5MB

.reloc Size: 512B - Virtual size: 200B

.rsrc Size: 2KB - Virtual size: 2KB

01
Certificate

f9:47:a4:41:3d:4e:8e:e7:78:d3:0b:c5:eb:75:5a:08:73:ab:39:70
Signer

.text
Size: - Virtual size: 2.9MB

.itext
Size: - Virtual size: 9KB

.data
Size: - Virtual size: 72KB

.bss
Size: - Virtual size: 27KB

.idata
Size: - Virtual size: 17KB

.didata
Size: - Virtual size: 2KB

.edata
Size: - Virtual size: 158B

.tls
Size: - Virtual size: 76B

.rdata
Size: - Virtual size: 92B

.vmp0
Size: - Virtual size: 3.9MB

.vmp1
Size: 5.5MB - Virtual size: 5.5MB

.reloc
Size: 512B - Virtual size: 200B

.rsrc
Size: 2KB - Virtual size: 2KB