ae527903440b3c4a70647001ba291d53_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae527903440b3c4a70647001ba291d53_JaffaCakes118
Size

4.0MB
MD5

ae527903440b3c4a70647001ba291d53
SHA1

41e0d859e4817aefe36077917c27298df3e8fe25
SHA256

e5217be59a90438868c0d9c4adfcf7bdb454b84a95cdca86dad76e04e3c9efad
SHA512

b4ff8bd79773b9ca01b1b644815ba73a2cb4727103903e73dfd956887c805b643fdaa3f83e019c1970f2a8e79b52b0e4a28794cc7552411eaa08a0cd6b650acf
SSDEEP

6144:8ZZLBFFRt4T8vvVxa9m2xc440m7klZtHd8BH3HUILQG:yDt4T8za9mgvt98BXHUILQG

Score

1^/10

Malware Config

Signatures

Files

ae527903440b3c4a70647001ba291d53_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

Issuer

CN=XKWYBHBKAVNCSJAVXA

Not Before

29-09-2020 17:51

Not After

31-12-2039 23:59

Subject

CN=XKWYBHBKAVNCSJAVXA

Extended Key Usages

ExtKeyUsageCodeSigning

a7:24:37:01:58:a3:0b:92:0b:60:12:f0:f8:ed:84:53:81:4d:fc:1c
Signer

Actual PE Digest

a7:24:37:01:58:a3:0b:92:0b:60:12:f0:f8:ed:84:53:81:4d:fc:1c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LoadLibraryExW
GetModuleHandleW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle

user32

GetKeyboardLayout
CloseWindow
GetForegroundWindow
CopyIcon
ShowCaret
IsCharAlphaNumericW
LoadCursorA

gdi32

CreateCompatibleDC
CreateHalftonePalette
GetEnhMetaFileW
GetEnhMetaFileBits

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text62
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text61
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96e21d905c86f50f521b10b486865a6f

Code Sign

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0Certificate

Extended Key Usages

a7:24:37:01:58:a3:0b:92:0b:60:12:f0:f8:ed:84:53:81:4d:fc:1cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 4KB - Virtual size: 3KB

.text62 Size: 512B - Virtual size: 130B

.text61 Size: 512B - Virtual size: 130B

.text6 Size: 512B - Virtual size: 130B

.text5 Size: 512B - Virtual size: 130B

.rsrc Size: 2KB - Virtual size: 2KB

5c:23:3d:9b:98:07:04:6f:b3:a5:a5:63:27:0c:0c:c0
Certificate

a7:24:37:01:58:a3:0b:92:0b:60:12:f0:f8:ed:84:53:81:4d:fc:1c
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 4KB - Virtual size: 3KB

.text62
Size: 512B - Virtual size: 130B

.text61
Size: 512B - Virtual size: 130B

.text6
Size: 512B - Virtual size: 130B

.text5
Size: 512B - Virtual size: 130B

.rsrc
Size: 2KB - Virtual size: 2KB