581ffbf40d0e0efd3ec50c0fb9066967_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

581ffbf40d0e0efd3ec50c0fb9066967_JaffaCakes118
Size

5.9MB
MD5

581ffbf40d0e0efd3ec50c0fb9066967
SHA1

b469e2670a06782ea80c79d92b523b47aa255dc3
SHA256

71c099ed2857f660b8431eb79cdd49300428cbf97c2cb6f98efa6e1cf30d1414
SHA512

96d0f4e6e5af7a411637cb7b47451d227b2f1f8e11ab72be99bc8664c7405514f8cf96042fc20e2be8ca0245a6fdee86907cd78cb853796d462ed69a46c8e3c6
SSDEEP

6144:TPIpEvUeazs9JSMeyUPFlsy4SEUY3V2kz5t8FF9SSl9sc5UNhK:LIpqdaNMeyUPFlR4SEU+VpdIT5U3K

Score

1^/10

Malware Config

Signatures

Files

581ffbf40d0e0efd3ec50c0fb9066967_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5648ee902884284c0765394653b8daaf

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

Issuer

CN=IOCRSIHZPSQUIZFOZQ

Not Before

09-09-2020 13:46

Not After

31-12-2039 23:59

Subject

CN=IOCRSIHZPSQUIZFOZQ

Extended Key Usages

ExtKeyUsageCodeSigning

2c:d1:ec:e4:8d:a6:c8:f2:2e:48:a4:d3:5c:aa:c0:55:9a:87:0b:be
Signer

Actual PE Digest

2c:d1:ec:e4:8d:a6:c8:f2:2e:48:a4:d3:5c:aa:c0:55:9a:87:0b:be

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
Sleep
GetModuleHandleW
VirtualAllocEx
CreateFileA
WaitForSingleObject
WriteFile
ReleaseMutex
CloseHandle
GetCurrentProcessId
CreateMutexA
GetProcessHeap
SetEndOfFile
GetLastError
MoveFileA
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
WideCharToMultiByte
GetTimeZoneInformation
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate

advapi32

GetUserNameA
RegOpenKeyW
RegQueryValueExA

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5648ee902884284c0765394653b8daaf

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6Certificate

Extended Key Usages

2c:d1:ec:e4:8d:a6:c8:f2:2e:48:a4:d3:5c:aa:c0:55:9a:87:0b:beSigner

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 133KB - Virtual size: 133KB

.text2 Size: 512B - Virtual size: 130B

.rdata Size: 512B - Virtual size: 306B

.data Size: 5.6MB - Virtual size: 5.6MB

.rsrc Size: 165KB - Virtual size: 164KB

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

2c:d1:ec:e4:8d:a6:c8:f2:2e:48:a4:d3:5c:aa:c0:55:9a:87:0b:be
Signer

.text
Size: 133KB - Virtual size: 133KB

.text2
Size: 512B - Virtual size: 130B

.rdata
Size: 512B - Virtual size: 306B

.data
Size: 5.6MB - Virtual size: 5.6MB

.rsrc
Size: 165KB - Virtual size: 164KB