2b2b63ad92c0b7fac65ba470ead21574_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b2b63ad92c0b7fac65ba470ead21574_JaffaCakes118
Size

311KB
MD5

2b2b63ad92c0b7fac65ba470ead21574
SHA1

cd5916f0d4f6e4e0d16918bd6134dd51be3f65c5
SHA256

6b7287fbdcbe05c188eeed89bd6303be88bc1cd93df34d3b0a1d4c537ecc1155
SHA512

4dcd76aa6b16368a5376544162e10efc80e803ed5124d211bd096d9250a9e9b939933c8e33bf65f0534c839b101e59abab6b8e45d2ffb5897e87ec392ae4302c
SSDEEP

6144:isbBKyhz9/wAS64Aq/uGp2hpEw7I41gY9sz:isBPtVSztuu6rID

Score

1^/10

Malware Config

Signatures

Files

2b2b63ad92c0b7fac65ba470ead21574_JaffaCakes118
.exe windows:4 windows x86 arch:x86

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

Issuer

CN=u65ykrty

Not Before

28/01/2012, 05:39

Not After

31/12/2039, 23:59

Subject

CN=u65ykrty

Extended Key Usages

ExtKeyUsageCodeSigning

d3:c3:75:33:be:6a:e5:5b:10:71:4a:bb:f4:94:65:1f:83:89:18:16
Signer

Actual PE Digest

d3:c3:75:33:be:6a:e5:5b:10:71:4a:bb:f4:94:65:1f:83:89:18:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc

user32

LoadIconW

advapi32

RegOpenKeyExW

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26Certificate

Extended Key Usages

d3:c3:75:33:be:6a:e5:5b:10:71:4a:bb:f4:94:65:1f:83:89:18:16Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 303KB - Virtual size: 302KB

.data Size: 1024B - Virtual size: 640B

.text5 Size: 512B - Virtual size: 32B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 164B

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

d3:c3:75:33:be:6a:e5:5b:10:71:4a:bb:f4:94:65:1f:83:89:18:16
Signer

.text
Size: 303KB - Virtual size: 302KB

.data
Size: 1024B - Virtual size: 640B

.text5
Size: 512B - Virtual size: 32B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 164B