2a5ac7b47d6559f33714cd88f4cecce6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a5ac7b47d6559f33714cd88f4cecce6_JaffaCakes118
Size

311KB
MD5

2a5ac7b47d6559f33714cd88f4cecce6
SHA1

54737a60a6c49f740e396746ecf7e77498c87b85
SHA256

03894e70ff8c5c4c3c9a8d4e97c1de06ac52b07d284ac189b808c95a67e1e114
SHA512

6e3da579eae43ff800fbc5fba1924093f1e0f74390deb4809fa5505be4c5008ec48934ed4e20a27d4b539f3d169e96a1688561a282b8bea3afbddfa29020e70a
SSDEEP

6144:UsbBR9hz9/wAS64AqGuGp2hpEwVI41gY9sV6:UsBltVSzsuu6lIl6

Score

1^/10

Malware Config

Signatures

Files

2a5ac7b47d6559f33714cd88f4cecce6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

Issuer

CN=u65ykrty

Not Before

28/01/2012, 05:39

Not After

31/12/2039, 23:59

Subject

CN=u65ykrty

Extended Key Usages

ExtKeyUsageCodeSigning

d1:64:0c:84:8e:a0:c5:99:5e:b3:d4:6e:6a:e6:69:e2:e3:51:ac:05
Signer

Actual PE Digest

d1:64:0c:84:8e:a0:c5:99:5e:b3:d4:6e:6a:e6:69:e2:e3:51:ac:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc

user32

LoadIconW

advapi32

RegOpenKeyExW

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26Certificate

Extended Key Usages

d1:64:0c:84:8e:a0:c5:99:5e:b3:d4:6e:6a:e6:69:e2:e3:51:ac:05Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 303KB - Virtual size: 302KB

.data Size: 1024B - Virtual size: 640B

.text5 Size: 512B - Virtual size: 32B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 164B

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

d1:64:0c:84:8e:a0:c5:99:5e:b3:d4:6e:6a:e6:69:e2:e3:51:ac:05
Signer

.text
Size: 303KB - Virtual size: 302KB

.data
Size: 1024B - Virtual size: 640B

.text5
Size: 512B - Virtual size: 32B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 164B