079d2c0f1fca531a0561330d06ec342d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

079d2c0f1fca531a0561330d06ec342d_JaffaCakes118
Size

443KB
MD5

079d2c0f1fca531a0561330d06ec342d
SHA1

5f98d00f02315dc983cd37fb6fa83120b5a15dc0
SHA256

43e0d6b054a6c321ba4323c09af2905e094a7fb5e366402ed1a331fff6ec559b
SHA512

2844960339552c1fa980142ed6d9a3780bb87d92147574b41303b9e3a7e1f0892ec11751755b978216ca3455f17d60f8948b76458c94c260a10dd32346596e34
SSDEEP

12288:3W0qAvs2KZxjugwH/P1H3TXylhBe2HG7c1UWpf9XWoc:rBs2KZmfByjBeaG7cHdWoc

Score

1^/10

Malware Config

Signatures

Files

079d2c0f1fca531a0561330d06ec342d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

251e9e3f09dd4904d7c333dce1224d5a

Code Sign

9c:ad:85:d8:f7:d7:bf:42:96:45:41:ef:d1:6f:06
Certificate

Issuer

CN=emybnlrhugp

Not Before

10/01/2012, 19:31

Not After

29/04/2023, 22:00

Subject

CN=Holobun

f2:38:84:57:8e:a6:d4:b2:8e:27:c4:34:5d:80:1e:86:f9:43:79:9a
Signer

Actual PE Digest

f2:38:84:57:8e:a6:d4:b2:8e:27:c4:34:5d:80:1e:86:f9:43:79:9a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleConvertIStorageToOLESTREAMEx

kernel32

GetEnvironmentStrings
LCMapStringW
VirtualQuery
HeapAlloc
HeapLock
GlobalFree
FoldStringA
GetStringTypeA
LCMapStringA
CreateSemaphoreA
GlobalReAlloc
VirtualAlloc
IsBadReadPtr
GetUserDefaultLCID
IsBadWritePtr
VirtualFree
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uoo
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gpa
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

251e9e3f09dd4904d7c333dce1224d5a

Code Sign

9c:ad:85:d8:f7:d7:bf:42:96:45:41:ef:d1:6f:06Certificate

f2:38:84:57:8e:a6:d4:b2:8e:27:c4:34:5d:80:1e:86:f9:43:79:9aSigner

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 92KB

.uoo Size: 280KB - Virtual size: 280KB

.gpa Size: 124KB - Virtual size: 123KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

9c:ad:85:d8:f7:d7:bf:42:96:45:41:ef:d1:6f:06
Certificate

f2:38:84:57:8e:a6:d4:b2:8e:27:c4:34:5d:80:1e:86:f9:43:79:9a
Signer

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 92KB

.uoo
Size: 280KB - Virtual size: 280KB

.gpa
Size: 124KB - Virtual size: 123KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB