19fc40e12bd8675e6af3fa0b99730fb1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

19fc40e12bd8675e6af3fa0b99730fb1_JaffaCakes118
Size

4.0MB
MD5

19fc40e12bd8675e6af3fa0b99730fb1
SHA1

478839e400b88b920c2f50419089362e9cd3dcb8
SHA256

e49e5a9c12fa92485943517ecba2721387a7ec8942ef92ba02b4c2e35a9dd84d
SHA512

c28172bf536227c8cff21addc0e30a1d0835973e65faf6043c547a6ff1a69d1fa72e1ffd31709f5e700959b0c7b6a00874e445922e09a98d62389805ffe516d9
SSDEEP

6144:6ZZLBFFRt4T8vvVxa9m2xc440m7klZtHd8BH3HUILm8:QDt4T8za9mgvt98BXHUILm8

Score

1^/10

Malware Config

Signatures

Files

19fc40e12bd8675e6af3fa0b99730fb1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

Issuer

CN=XKWYBHBKAVNCSJAVXA

Not Before

29-09-2020 17:51

Not After

31-12-2039 23:59

Subject

CN=XKWYBHBKAVNCSJAVXA

Extended Key Usages

ExtKeyUsageCodeSigning

23:04:43:db:07:3a:de:39:22:94:9d:67:19:ac:6f:15:79:99:69:2f
Signer

Actual PE Digest

23:04:43:db:07:3a:de:39:22:94:9d:67:19:ac:6f:15:79:99:69:2f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryExW
GetModuleHandleW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle

user32

GetKeyboardLayout
CloseWindow
GetForegroundWindow
CopyIcon
ShowCaret
IsCharAlphaNumericW
LoadCursorA

gdi32

CreateCompatibleDC
CreateHalftonePalette
GetEnhMetaFileW
GetEnhMetaFileBits

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text62
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text61
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0Certificate

Extended Key Usages

23:04:43:db:07:3a:de:39:22:94:9d:67:19:ac:6f:15:79:99:69:2fSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 4KB - Virtual size: 3KB

.text62 Size: 512B - Virtual size: 130B

.text61 Size: 512B - Virtual size: 130B

.text6 Size: 512B - Virtual size: 130B

.text5 Size: 512B - Virtual size: 130B

.rsrc Size: 2KB - Virtual size: 2KB

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

23:04:43:db:07:3a:de:39:22:94:9d:67:19:ac:6f:15:79:99:69:2f
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 4KB - Virtual size: 3KB

.text62
Size: 512B - Virtual size: 130B

.text61
Size: 512B - Virtual size: 130B

.text6
Size: 512B - Virtual size: 130B

.text5
Size: 512B - Virtual size: 130B

.rsrc
Size: 2KB - Virtual size: 2KB