31d062e3ae4af2dd793811378e829d6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31d062e3ae4af2dd793811378e829d6f_JaffaCakes118
Size

373KB
MD5

31d062e3ae4af2dd793811378e829d6f
SHA1

0e6a174c9d65c143bcc75ea6fd681b0f85386bb9
SHA256

c7696af04fe4f6c5b87c132fd2337751b885d0b3d885f387c09d33dce24e55fa
SHA512

7193b457addfd703d2e6fe80e1ac757b20419f9dc182af54c4db5bb8e559ee76c9f24ca1f7baa7daef692d119a899cf4f269b32587c3898aaabd78827d717c1a
SSDEEP

6144:SAXnM5hWa3cPkLCWp+kxLaazQ/rJ6aQ/UR6ERT2ElYRktprr5t:SA85hN3cPkLXp+k5bzQ/V6a/Q4eur/

Score

1^/10

Malware Config

Signatures

Files

31d062e3ae4af2dd793811378e829d6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ddd94444ea7156217169d9ad049369b

Code Sign

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1
Certificate

Issuer

CN=C ibxlOWhvBPucEKWJoPYJUQsGsxSxaLOWjWWaFYYuzPQdfa piYxwiGBsyDSPrfFqjrZlSNBjVzLbCsydDyaHOceGalZOIUUoGXBqsgELoNDTpTLAjHRcXJpSdtybpBCopNakGDXToNqZ slfSbHJ

Not Before

04/07/2012, 07:44

Not After

31/12/2039, 23:59

Subject

CN=C ibxlOWhvBPucEKWJoPYJUQsGsxSxaLOWjWWaFYYuzPQdfa piYxwiGBsyDSPrfFqjrZlSNBjVzLbCsydDyaHOceGalZOIUUoGXBqsgELoNDTpTLAjHRcXJpSdtybpBCopNakGDXToNqZ slfSbHJ

Extended Key Usages

ExtKeyUsageCodeSigning

72:19:2a:b7:c0:d9:ce:26:91:26:93:5a:b0:be:19:94:e0:a7:5b:d0
Signer

Actual PE Digest

72:19:2a:b7:c0:d9:ce:26:91:26:93:5a:b0:be:19:94:e0:a7:5b:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
LoadLibraryA
GetProcAddress
VirtualAllocEx
CloseHandle

advapi32

RegCloseKey

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ddd94444ea7156217169d9ad049369b

Code Sign

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1Certificate

Extended Key Usages

72:19:2a:b7:c0:d9:ce:26:91:26:93:5a:b0:be:19:94:e0:a7:5b:d0Signer

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 512B - Virtual size: 816B

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 313KB - Virtual size: 313KB

.reloc Size: 512B - Virtual size: 220B

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1
Certificate

72:19:2a:b7:c0:d9:ce:26:91:26:93:5a:b0:be:19:94:e0:a7:5b:d0
Signer

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 512B - Virtual size: 816B

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 313KB - Virtual size: 313KB

.reloc
Size: 512B - Virtual size: 220B