308af461eb46128af9c5589b550a7fb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

308af461eb46128af9c5589b550a7fb0_JaffaCakes118
Size

15KB
MD5

308af461eb46128af9c5589b550a7fb0
SHA1

57d3b51d4cc0426883eafa71959b014fcb315887
SHA256

86a9ee20d7a29eb442cc1d7eb7fe6e5c23c963467dec471fb1d003f40519d354
SHA512

b5222506d6cf2aa95d35d9449b97e46e4605904b501170bc0728b005da8c0270be79edf40a259705e905ad2450c9df642ac7bbd0de463b26e45b2780ca460e62
SSDEEP

384:SLYouI/h8IuCrlDca+CdZO47Vra5ytjF/fLUcbhZ:09LueOaJHO4g4tj5LU23

Score

1^/10

Malware Config

Signatures

Files

308af461eb46128af9c5589b550a7fb0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

83405a5f2cc1dbf6b3a809528f84a9e1

Code Sign

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:dd
Certificate

Issuer

CN=Root Agency

Not Before

03/03/2010, 03:52

Not After

31/12/2039, 23:59

Subject

CN=soft,OU=WWW.CeleWare.NET,O=CeleWare.NET,1.2.840.113549.1.9.1=#0c10736f667440686f746d61696c2e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileAttributesA
GetFileTime
GetModuleFileNameA
GetShortPathNameA
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GlobalAlloc
GlobalFree
MoveFileA
MoveFileExA
SetFileTime
WaitForSingleObject
WinExec
WriteFile
lstrcatA

user32

CreateDesktopA
EnumWindows
FindWindowA
GetMessageA
PostQuitMessage

advapi32

RegOpenKeyA

Sections

.data
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83405a5f2cc1dbf6b3a809528f84a9e1

Code Sign

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:ddCertificate

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.data Size: 512B - Virtual size: 70B

.data Size: 8KB - Virtual size: 7KB

.text Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 818B

.rsrc Size: 1KB - Virtual size: 1KB

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:dd
Certificate

.data
Size: 512B - Virtual size: 70B

.data
Size: 8KB - Virtual size: 7KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 818B

.rsrc
Size: 1KB - Virtual size: 1KB