138fdc057edca329cc9a2c083cf1c2e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

138fdc057edca329cc9a2c083cf1c2e2_JaffaCakes118
Size

318KB
MD5

138fdc057edca329cc9a2c083cf1c2e2
SHA1

bd1b8d3bcde73712f26499b847fc003c512f77bf
SHA256

0f20650a1b8bd6c76094928455474cd8386c518601b907017282ee63d80c3567
SHA512

60947ca5a4d5a2c06a4f8b1124ceb137236cb34a51cc3c0546d51bc49247ea570a0a24f3f9e8ec23beeb491673def88d7bb0183b98fe40dd72e8888910853424
SSDEEP

6144:XjbD00qzLj6QwFazhhNiS/All+e2jCaItgMKhKBSEhZ:zbYpP/wFa9XK2juvqqZ

Score

1^/10

Malware Config

Signatures

Files

138fdc057edca329cc9a2c083cf1c2e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4108ddac8b5563df87a389504e62f453

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/09/2014, 00:00

Not After

25/11/2015, 12:00

Subject

CN=Consortium ltd.,O=Consortium ltd.,L=Roseau,ST=Commonwealth of Dominica,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

60:5f:91:1c:3f:56:8b:cb:fe:20:0b:26:c5:84:28:f2:30:01:5c:9f
Signer

Actual PE Digest

60:5f:91:1c:3f:56:8b:cb:fe:20:0b:26:c5:84:28:f2:30:01:5c:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

kernel32

GetCurrentThreadId
GetCommandLineW
GetSystemTimeAsFileTime
WriteFile
GetTickCount
ExitProcess
VirtualAlloc
ReadFile
lstrcmpiA
LockResource
GetLastError
CloseHandle
CreateFileMappingA
GetCurrentProcess
GetModuleHandleA
GetVersion
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetEnvironmentVariableA
GetFileType
TlsGetValue
GetStartupInfoA
GetVersionExA
DeleteFileW
GetModuleHandleW
GetProcAddress
GetCommandLineA
LCMapStringW
GetStringTypeA
GetUserDefaultLangID
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

GetSystemMetrics
CreateWindowExA
EndPaint
RegisterClipboardFormatA
ShowWindow
RegisterClassExA
CreateDialogParamA
MessageBoxA

gdi32

SetBkColor
Rectangle

advapi32

GetUserNameA
AllocateAndInitializeSid

ole32

CoTaskMemAlloc
CoInitialize

oleaut32

SysAllocStringLen
SysReAllocStringLen

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4108ddac8b5563df87a389504e62f453

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8Certificate

Extended Key Usages

Key Usages

60:5f:91:1c:3f:56:8b:cb:fe:20:0b:26:c5:84:28:f2:30:01:5c:9fSigner

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 268KB - Virtual size: 264KB

.qdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 28KB - Virtual size: 25KB

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

60:5f:91:1c:3f:56:8b:cb:fe:20:0b:26:c5:84:28:f2:30:01:5c:9f
Signer

.text
Size: 268KB - Virtual size: 264KB

.qdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 28KB - Virtual size: 25KB