26fcbac1d437e32ae385c5c0c46b1ab8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26fcbac1d437e32ae385c5c0c46b1ab8_JaffaCakes118
Size

4.0MB
MD5

26fcbac1d437e32ae385c5c0c46b1ab8
SHA1

65a6d3ffa42f59353f82c5500ff0af1e77883d88
SHA256

c6482951d520c93684161390507d695b8d6a90d8e1ac14e01626adf1989ab731
SHA512

d43d50f3f6501cc6ed4ac7f1fce992c13cc012c4d302f18f41336d1bc4097109a6228144896238f16b4b0b6dbb991bd322bce4850278f0fee501c91c06a1999a
SSDEEP

6144:AJBMZZLBFFRt4T8vvVxa9m2xc440m7klZtHd8BH3HUILHhyB:7Dt4T8za9mgvt98BXHUILHhW

Score

1^/10

Malware Config

Signatures

Files

26fcbac1d437e32ae385c5c0c46b1ab8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

605550acb84f5d13d08094db2ec7ed51

Code Sign

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06
Certificate

Issuer

CN=OJQSJVHIBUTMZNUFDL

Not Before

01-10-2020 07:17

Not After

31-12-2039 23:59

Subject

CN=OJQSJVHIBUTMZNUFDL

Extended Key Usages

ExtKeyUsageCodeSigning

43:1a:06:bd:3e:8b:9f:83:93:72:6c:ea:71:d1:d8:d4:0b:e7:81:f8
Signer

Actual PE Digest

43:1a:06:bd:3e:8b:9f:83:93:72:6c:ea:71:d1:d8:d4:0b:e7:81:f8

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetLastError
LoadLibraryExW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle
HeapFree
GetProcessHeap
GetModuleHandleA
GetLocalTime
WriteFile
SetFilePointer
ExpandEnvironmentStringsW
GetEnvironmentVariableW
HeapAlloc
CreateFileW
DeviceIoControl
CreateThread
WaitForSingleObject
ExitThread
SetLastError

user32

LoadCursorA

gdi32

GdiFlush
CancelDC
DeleteEnhMetaFile
GdiGetBatchLimit
CreateHalftonePalette
CreateMetaFileA
DeleteColorSpace
DeleteDC
CloseFigure
BeginPath
AddFontResourceW
CreatePatternBrush
AddFontResourceA
CreateCompatibleDC
CloseMetaFile
CloseEnhMetaFile
AbortPath
DeleteMetaFile
AbortDoc
CreateSolidBrush
CreateMetaFileW
GetEnhMetaFileW

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605550acb84f5d13d08094db2ec7ed51

Code Sign

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06Certificate

Extended Key Usages

43:1a:06:bd:3e:8b:9f:83:93:72:6c:ea:71:d1:d8:d4:0b:e7:81:f8Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06
Certificate

43:1a:06:bd:3e:8b:9f:83:93:72:6c:ea:71:d1:d8:d4:0b:e7:81:f8
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB