7b4812ecb19349462fd99100681740ce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7b4812ecb19349462fd99100681740ce_JaffaCakes118
Size

4.0MB
MD5

7b4812ecb19349462fd99100681740ce
SHA1

e2df175d5f6b32087dfea73290c1e3d9f2558aa2
SHA256

8140a21cda1fae7c2b52a71a0aca12f2c2f2957cf923d1adbaaf633eadaf904a
SHA512

9fd20046b4b95189043c8da3c22668039496caa5c8c0711126fde2abec413cbd84adec28322a06ac2a6913bf2da9b93e1ac01a165e86f2ca26322b5ee81c3313
SSDEEP

6144:6JBMZZLBFFRt4T8vvVxa9m2xc440m7klZtHd8BH3HUILHhyc:NDt4T8za9mgvt98BXHUILHhT

Score

1^/10

Malware Config

Signatures

Files

7b4812ecb19349462fd99100681740ce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

605550acb84f5d13d08094db2ec7ed51

Code Sign

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06
Certificate

Issuer

CN=OJQSJVHIBUTMZNUFDL

Not Before

01-10-2020 07:17

Not After

31-12-2039 23:59

Subject

CN=OJQSJVHIBUTMZNUFDL

Extended Key Usages

ExtKeyUsageCodeSigning

78:05:93:4b:43:43:72:3f:90:33:53:40:99:6d:9b:ee:89:2f:4b:e2
Signer

Actual PE Digest

78:05:93:4b:43:43:72:3f:90:33:53:40:99:6d:9b:ee:89:2f:4b:e2

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetLastError
LoadLibraryExW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle
HeapFree
GetProcessHeap
GetModuleHandleA
GetLocalTime
WriteFile
SetFilePointer
ExpandEnvironmentStringsW
GetEnvironmentVariableW
HeapAlloc
CreateFileW
DeviceIoControl
CreateThread
WaitForSingleObject
ExitThread
SetLastError

user32

LoadCursorA

gdi32

GdiFlush
CancelDC
DeleteEnhMetaFile
GdiGetBatchLimit
CreateHalftonePalette
CreateMetaFileA
DeleteColorSpace
DeleteDC
CloseFigure
BeginPath
AddFontResourceW
CreatePatternBrush
AddFontResourceA
CreateCompatibleDC
CloseMetaFile
CloseEnhMetaFile
AbortPath
DeleteMetaFile
AbortDoc
CreateSolidBrush
CreateMetaFileW
GetEnhMetaFileW

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605550acb84f5d13d08094db2ec7ed51

Code Sign

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06Certificate

Extended Key Usages

78:05:93:4b:43:43:72:3f:90:33:53:40:99:6d:9b:ee:89:2f:4b:e2Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

6d:c6:bf:7d:a3:d6:b6:a8:41:6e:0b:9e:2e:b4:c6:06
Certificate

78:05:93:4b:43:43:72:3f:90:33:53:40:99:6d:9b:ee:89:2f:4b:e2
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB