2e5f47e7d63cb6c87af11d94bbf311d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e5f47e7d63cb6c87af11d94bbf311d7_JaffaCakes118
Size

311KB
MD5

2e5f47e7d63cb6c87af11d94bbf311d7
SHA1

ee3fdc6bdef3ecb65bca0ca55cb4a4593e5066cf
SHA256

4a8232b9d6bef7a6705f3d3427d2f1ff02bc031c3ce8b7c7f84fc3fc0a24a5bc
SHA512

cd81ba8a4ac6abbbf72670cc0fbefe6fbf020d8646571960488734a9d256695596d93e728380b7e7bc1066e7a35b429b4ee22e17ea76cfc2b07cb44876758cbb
SSDEEP

6144:HytuBlo8aCyd1dUhAE74jvaG66xegV+/mJC63W1P+tN1JB5z:HMdjaUq6QgV+OvAPG175z

Score

1^/10

Malware Config

Signatures

Files

2e5f47e7d63cb6c87af11d94bbf311d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f29672e1c514843a1df2c5873720bab6

Code Sign

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7c
Certificate

Issuer

CN=fHyv

Not Before

06/06/2012, 07:29

Not After

31/12/2039, 23:59

Subject

CN=fHyv

Extended Key Usages

ExtKeyUsageCodeSigning

b6:b6:90:89:65:f8:b4:2f:22:a6:7e:f6:fa:b7:06:b6:2c:e4:ab:2d
Signer

Actual PE Digest

b6:b6:90:89:65:f8:b4:2f:22:a6:7e:f6:fa:b7:06:b6:2c:e4:ab:2d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
CloseHandle

gdi32

GetStockObject

advapi32

RegCloseKey

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f29672e1c514843a1df2c5873720bab6

Code Sign

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7cCertificate

Extended Key Usages

b6:b6:90:89:65:f8:b4:2f:22:a6:7e:f6:fa:b7:06:b6:2c:e4:ab:2dSigner

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 266KB - Virtual size: 266KB

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 192B

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7c
Certificate

b6:b6:90:89:65:f8:b4:2f:22:a6:7e:f6:fa:b7:06:b6:2c:e4:ab:2d
Signer

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 266KB - Virtual size: 266KB

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 192B