378aff6edd657d721504bf2e50c0ca0c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

378aff6edd657d721504bf2e50c0ca0c_JaffaCakes118
Size

433KB
MD5

378aff6edd657d721504bf2e50c0ca0c
SHA1

699ed322ac8bc5b6e7a63a1a6b3aa153b535781c
SHA256

9a3d150dbe0818e65e835937833c7239a5df054cd0932305c5b4fa863fb32059
SHA512

cfa5a44d6e71f1fc3dad8515a227c8395f7ee872be8891dc3d1f3c59a2848b902bbb12971c15d13f0424e5b9ae5e1114de86062f3c1e999578cd6a7f1d2c6dbe
SSDEEP

12288:l6fwXfgy8yGT+q+nRtcs5/nqDU+ealNV/1jewl5jOacjb56:l6WEyq+j7cO+UDavzjewnOaI6

Score

1^/10

Malware Config

Signatures

Files

378aff6edd657d721504bf2e50c0ca0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b37173408183c15080322a9ad783e2e3

Code Sign

1b:23:b4:a7:81:c6:14:57:bc:f9:1d:6b:69:fe:a7:19
Certificate

Issuer

CN=krdhzvucdcf

Not Before

30-11-2011 11:17

Not After

25-06-2013 22:00

Subject

CN=Nasyfex

cd:79:28:03:c0:cb:5e:13:2b:e2:0b:ee:9f:6e:79:fd:67:76:ec:93
Signer

Actual PE Digest

cd:79:28:03:c0:cb:5e:13:2b:e2:0b:ee:9f:6e:79:fd:67:76:ec:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
GetWindowThreadProcessId
SetWindowPos
DialogBoxParamA

ole32

CreateAntiMoniker
OleNoteObjectVisible
CoLockObjectExternal
CoReleaseMarshalData
CreateItemMoniker

comctl32

ord13
ord5

shlwapi

StrRChrIW

kernel32

LoadLibraryA
HeapReAlloc
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
LCMapStringW
VirtualAlloc
GetCurrentProcess
GetStringTypeA
MultiByteToWideChar
GetCurrencyFormatA
CopyFileA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b37173408183c15080322a9ad783e2e3

Code Sign

1b:23:b4:a7:81:c6:14:57:bc:f9:1d:6b:69:fe:a7:19Certificate

cd:79:28:03:c0:cb:5e:13:2b:e2:0b:ee:9f:6e:79:fd:67:76:ec:93Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

shlwapi

kernel32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 117KB - Virtual size: 117KB

.data Size: 288KB - Virtual size: 374KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

1b:23:b4:a7:81:c6:14:57:bc:f9:1d:6b:69:fe:a7:19
Certificate

cd:79:28:03:c0:cb:5e:13:2b:e2:0b:ee:9f:6e:79:fd:67:76:ec:93
Signer

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 117KB - Virtual size: 117KB

.data
Size: 288KB - Virtual size: 374KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB