1713ec16071184b4bee3e5b2a369e8ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1713ec16071184b4bee3e5b2a369e8ef_JaffaCakes118
Size

183KB
MD5

1713ec16071184b4bee3e5b2a369e8ef
SHA1

7028ed1493d1896224592007e866c6ed99ca6ac6
SHA256

bad5219e51dbad66f531f921c4b6db64a66121bc2043e5c7af39955b03e114ea
SHA512

534a258e67480e91bfe60d359aa47d45b2764207d5bbdfaf0b87adb26ca8c5728be42bbf52c6ca9ef1b78525b4b0e5afd12edcb320be2f2aaef1dbbfa1836eee
SSDEEP

3072:55nuE4WQHf70wIoay7PnluKxLBzvUvo1SQbkIPgs7ZI9GtsG3j:LuE4FJaMflH5BzstggsyGtsM

Score

1^/10

Malware Config

Signatures

Files

1713ec16071184b4bee3e5b2a369e8ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e45ffb57e1387f60eb35ca87a1eda423

Code Sign

b4:e9:75:b9:74:b3:ef:de
Certificate

Issuer

CN=To think on this and shall I lack the thought

Not Before

22/11/2010, 11:21

Not After

18/08/2013, 11:21

Subject

CN=To think on this and shall I lack the thought

94:25:41:13:28:8f:8f:e8:40:14:ad:a8:68:c1:ff:e0:44:0c:e2:29
Signer

Actual PE Digest

94:25:41:13:28:8f:8f:e8:40:14:ad:a8:68:c1:ff:e0:44:0c:e2:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrcpyW
DisableThreadLibraryCalls
GetCurrentThreadId
GetBinaryTypeA
GetThreadPriorityBoost
GetLocalTime
SetEvent
ReadFile
GetFileAttributesW
GetModuleHandleA
CreateFileA
GetCurrentProcess
GetCurrentThread
LoadLibraryA
Process32First
GetCurrentProcessId
GetThreadTimes
GetHandleInformation
GetSystemTime
VirtualAlloc
WaitForSingleObject
CreateEventA
GetProcAddress
IsBadReadPtr
VirtualProtectEx
VirtualFree
Sleep
SystemTimeToFileTime

user32

GetDlgItem
DestroyWindow
InSendMessage
GetForegroundWindow
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
MessageBoxA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e45ffb57e1387f60eb35ca87a1eda423

Code Sign

b4:e9:75:b9:74:b3:ef:deCertificate

94:25:41:13:28:8f:8f:e8:40:14:ad:a8:68:c1:ff:e0:44:0c:e2:29Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 700KB

.text Size: 175KB - Virtual size: 174KB

.rsrc Size: 2KB - Virtual size: 2KB

b4:e9:75:b9:74:b3:ef:de
Certificate

94:25:41:13:28:8f:8f:e8:40:14:ad:a8:68:c1:ff:e0:44:0c:e2:29
Signer

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 700KB

.text
Size: 175KB - Virtual size: 174KB

.rsrc
Size: 2KB - Virtual size: 2KB