442c8b98c35312abece350ff2fc89d67_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

442c8b98c35312abece350ff2fc89d67_JaffaCakes118
Size

318KB
MD5

442c8b98c35312abece350ff2fc89d67
SHA1

3670365fde42e45a751fcc0802397081ab49a19e
SHA256

060335861774dd5b8c9b0f97426c9a234bd02787ee6ae13e90668e56afa76e05
SHA512

6078cafa19003a93e0c6bf034805861782ae3fbac7331a0f7e59d7cb49d5ee29820c97c97809e8915b7f1b47c76c6786c50438c940ad77129e1b67f2181be72b
SSDEEP

6144:gFkLQrMQ5iz/DKzpaLsi3xZWeKP8EytCgJn5gotBpAuS8BqQjGuJF:QkLQrMQ5iPSaLvTW8sa+oZABcfJF

Score

1^/10

Malware Config

Signatures

Files

442c8b98c35312abece350ff2fc89d67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b86ccc773c1c8c31e086b6ad4d02813

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-09-2014 00:00

Not After

25-11-2015 12:00

Subject

CN=Consortium ltd.,O=Consortium ltd.,L=Roseau,ST=Commonwealth of Dominica,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

df:6e:fd:70:ba:0c:e3:86:51:e5:4d:c3:18:bc:80:98:18:d6:72:bd
Signer

Actual PE Digest

df:6e:fd:70:ba:0c:e3:86:51:e5:4d:c3:18:bc:80:98:18:d6:72:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

kernel32

GetVersion
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
GetCommandLineW
WriteFile
VirtualAlloc
CreateFileA
ReadFile
lstrcmpiA
LockResource
TlsSetValue
GetLastError
CreateFileMappingA
FileTimeToDosDateTime
EnumCalendarInfoA
CreateEventA
CompareStringA
CloseHandle
GetCurrentProcess
GetUserDefaultLangID
QueryPerformanceCounter
CreateThread
SetErrorMode
GetModuleHandleA
MultiByteToWideChar
SetFilePointer
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
GetStringTypeW
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
ExitProcess
TlsGetValue
GetStartupInfoA
DeleteFileW
GetVersionExA
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetProcAddress
GetCommandLineA
LCMapStringW
GetStringTypeA
LCMapStringA

user32

EndPaint
CreateWindowExA
GetSystemMetrics
MessageBoxA
CreateDialogParamA
ShowWindow
RegisterClipboardFormatA
CharNextA
LoadStringA
GetKeyboardType
GetScrollPos
PtInRect
RemoveMenu
GetClientRect
RegisterClassExA
EndDialog
DialogBoxParamA

gdi32

TextOutW
Rectangle

comdlg32

ChooseFontA
GetOpenFileNameA
FindTextW
GetSaveFileNameA

advapi32

GetUserNameA
AllocateAndInitializeSid
RegCloseKey
RegSetValueExW

shell32

StrStrIA

ole32

CoInitialize
CoTaskMemAlloc
CoUninitialize

oleaut32

VarRound

Sections

.text
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b86ccc773c1c8c31e086b6ad4d02813

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8Certificate

Extended Key Usages

Key Usages

df:6e:fd:70:ba:0c:e3:86:51:e5:4d:c3:18:bc:80:98:18:d6:72:bdSigner

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 268KB - Virtual size: 266KB

.qdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 28KB - Virtual size: 26KB

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

df:6e:fd:70:ba:0c:e3:86:51:e5:4d:c3:18:bc:80:98:18:d6:72:bd
Signer

.text
Size: 268KB - Virtual size: 266KB

.qdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 28KB - Virtual size: 26KB