b09d6686770f741d123e527b169fb674_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b09d6686770f741d123e527b169fb674_JaffaCakes118
Size

4.0MB
MD5

b09d6686770f741d123e527b169fb674
SHA1

88fcd8c5a6d9c22f0a712af00393f1edbbb09404
SHA256

63209795ab60293cb7febfaee85f607b66769623b25227b88c5e267d2cf20ba7
SHA512

8ec9e864a319a83b6462268381915661a7540e2dafbd5cff358ec6f8bec1ba4818095d9ad5fbebe16d8810bd8464dd3f91d44c2ad67ce4c6271696c2d44d2a2b
SSDEEP

6144:NZZLBFFRt4T8vvVxa9m2xc440m7klZtHd8BH3HUIL0V:dDt4T8za9mgvt98BXHUIL0V

Score

1^/10

Malware Config

Signatures

Files

b09d6686770f741d123e527b169fb674_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

Issuer

CN=XKWYBHBKAVNCSJAVXA

Not Before

29-09-2020 17:51

Not After

31-12-2039 23:59

Subject

CN=XKWYBHBKAVNCSJAVXA

Extended Key Usages

ExtKeyUsageCodeSigning

8f:63:91:1e:e5:80:b0:c8:9c:aa:ed:58:9b:97:ea:cf:60:9b:81:c5
Signer

Actual PE Digest

8f:63:91:1e:e5:80:b0:c8:9c:aa:ed:58:9b:97:ea:cf:60:9b:81:c5

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryExW
GetModuleHandleW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle

user32

GetKeyboardLayout
CloseWindow
GetForegroundWindow
CopyIcon
ShowCaret
IsCharAlphaNumericW
LoadCursorA

gdi32

CreateCompatibleDC
CreateHalftonePalette
GetEnhMetaFileW
GetEnhMetaFileBits

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text62
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text61
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0Certificate

Extended Key Usages

8f:63:91:1e:e5:80:b0:c8:9c:aa:ed:58:9b:97:ea:cf:60:9b:81:c5Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 4KB - Virtual size: 3KB

.text62 Size: 512B - Virtual size: 130B

.text61 Size: 512B - Virtual size: 130B

.text6 Size: 512B - Virtual size: 130B

.text5 Size: 512B - Virtual size: 130B

.rsrc Size: 2KB - Virtual size: 2KB

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

8f:63:91:1e:e5:80:b0:c8:9c:aa:ed:58:9b:97:ea:cf:60:9b:81:c5
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 4KB - Virtual size: 3KB

.text62
Size: 512B - Virtual size: 130B

.text61
Size: 512B - Virtual size: 130B

.text6
Size: 512B - Virtual size: 130B

.text5
Size: 512B - Virtual size: 130B

.rsrc
Size: 2KB - Virtual size: 2KB