18f3f93ce3bf474b09d42d9802ebf776_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

18f3f93ce3bf474b09d42d9802ebf776_JaffaCakes118
Size

435KB
MD5

18f3f93ce3bf474b09d42d9802ebf776
SHA1

defa1de8882325ee1ea6681e423f09e49e5eabf5
SHA256

5a7dcbb9a6e2dcb81796a472352b75132fd5a90a017352692be5b58516bae7b5
SHA512

fa5cc02cf329504fbfcdc27f6aa584247be5272c6f72a516b29b289cda1c46ce396f1a66c10498d92021f67077cbc8a48dca2f8ac97a17ef5c3557f6739426bf
SSDEEP

12288:jZcTxg4/FfrLLyAicEEtmLl7qenNqg4Jd:axg+fL/icqrNqxJd

Score

1^/10

Malware Config

Signatures

Files

18f3f93ce3bf474b09d42d9802ebf776_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98d0cfd31cbe6403f1e54ce2e9aa16d7

Code Sign

59:e3:80:0e:10:02:81:70:bf:01:5c:3c:90:cc:ab:65
Certificate

Issuer

CN=catombhzdce

Not Before

02-12-2011 09:49

Not After

22-04-2023 22:00

Subject

CN=Keyufew

3e:c4:15:9d:b7:bd:fc:c4:ac:b9:60:6e:1f:3b:03:ab:03:99:71:b5
Signer

Actual PE Digest

3e:c4:15:9d:b7:bd:fc:c4:ac:b9:60:6e:1f:3b:03:ab:03:99:71:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgCtrlID
GetSysColor
GetForegroundWindow

ole32

CoReleaseMarshalData
OleDuplicateData
CoRevokeClassObject
CoCreateGuid
CreateBindCtx

comctl32

ord16
CreateStatusWindowW
ord2

shlwapi

StrToIntA

kernel32

HeapReAlloc
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
LCMapStringA
LCMapStringW
VirtualAlloc
TerminateProcess
GetStringTypeW
GetStringTypeA
EnterCriticalSection
GetTimeFormatA
PulseEvent
HeapWalk
CompareStringA
CreateFileA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InitializeCriticalSection
LeaveCriticalSection
MultiByteToWideChar

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 299KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98d0cfd31cbe6403f1e54ce2e9aa16d7

Code Sign

59:e3:80:0e:10:02:81:70:bf:01:5c:3c:90:cc:ab:65Certificate

3e:c4:15:9d:b7:bd:fc:c4:ac:b9:60:6e:1f:3b:03:ab:03:99:71:b5Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

shlwapi

kernel32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 299KB - Virtual size: 384KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 3KB

59:e3:80:0e:10:02:81:70:bf:01:5c:3c:90:cc:ab:65
Certificate

3e:c4:15:9d:b7:bd:fc:c4:ac:b9:60:6e:1f:3b:03:ab:03:99:71:b5
Signer

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 299KB - Virtual size: 384KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 3KB