3678c2931715f1c9a986d8a0e7557b88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3678c2931715f1c9a986d8a0e7557b88_JaffaCakes118
Size

353KB
MD5

3678c2931715f1c9a986d8a0e7557b88
SHA1

d3f1a74458f29c9cbb78ad04bbef355ba4abe451
SHA256

36ca38c0e754816fb2d8ef8d6977b7d0b9c7f601b8a62f43271386603afe9e5f
SHA512

71cdfb87ee1c07aa6d43b1c81970135be01f9f01b14013f57230075d35c607e058fe99a1d12908f2d05f3d5a3ea2d5792b516ac24a97a6ac7bb865335b6930f1
SSDEEP

6144:dqzQ9S3r2I6jVZNp0H8vIz3YX5Sze2wpchpkUJ1H+Bh4kHIX:hS96jdQTKk9h1H+AX

Score

1^/10

Malware Config

Signatures

Files

3678c2931715f1c9a986d8a0e7557b88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c03290f09e49ab4595996c19e1c6c08

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

Issuer

CN=fbDs

Not Before

19/06/2012, 05:12

Not After

31/12/2039, 23:59

Subject

CN=fbDs

Extended Key Usages

ExtKeyUsageCodeSigning

b2:39:bd:ac:e5:62:60:fa:c6:8a:d0:c0:cf:aa:e2:7c:d3:d2:e0:a7
Signer

Actual PE Digest

b2:39:bd:ac:e5:62:60:fa:c6:8a:d0:c0:cf:aa:e2:7c:d3:d2:e0:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
LoadLibraryA
GetCommandLineA
CloseHandle
GetWindowsDirectoryW
GetModuleHandleA
GetProcAddress
lstrcatW
CreateFileW
VirtualAllocEx

user32

LoadIconA
LoadCursorA

advapi32

RegCloseKey
RegOpenKeyW

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c03290f09e49ab4595996c19e1c6c08

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38Certificate

Extended Key Usages

b2:39:bd:ac:e5:62:60:fa:c6:8a:d0:c0:cf:aa:e2:7c:d3:d2:e0:a7Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 303KB - Virtual size: 302KB

.data13 Size: 512B - Virtual size: 100B

.data12 Size: 512B - Virtual size: 100B

.data11 Size: 512B - Virtual size: 100B

.data10 Size: 512B - Virtual size: 100B

.data9 Size: 512B - Virtual size: 100B

.data8 Size: 512B - Virtual size: 100B

.data7 Size: 512B - Virtual size: 100B

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 212B

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

b2:39:bd:ac:e5:62:60:fa:c6:8a:d0:c0:cf:aa:e2:7c:d3:d2:e0:a7
Signer

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 303KB - Virtual size: 302KB

.data13
Size: 512B - Virtual size: 100B

.data12
Size: 512B - Virtual size: 100B

.data11
Size: 512B - Virtual size: 100B

.data10
Size: 512B - Virtual size: 100B

.data9
Size: 512B - Virtual size: 100B

.data8
Size: 512B - Virtual size: 100B

.data7
Size: 512B - Virtual size: 100B

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 212B