3874feb9c7a400f577ffa73a7ca1bfaf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3874feb9c7a400f577ffa73a7ca1bfaf_JaffaCakes118
Size

17KB
MD5

3874feb9c7a400f577ffa73a7ca1bfaf
SHA1

962c7d9e60b151ff69ec1c24974be9a59b2f1414
SHA256

e5ec6496937cd5570a62a312eaad54cdec4677a30a26d593afac78a203a4e43f
SHA512

a81a07f46d292790992bce48a3845fe3c06b8829219c77085f52f752cffa02e4d69a81f903e76c206363f9505348777f6aee1e26f8638679320404e9132e06ae
SSDEEP

384:6cQUsAgz+T8o6gcdWyosqiLxVhh4WWieZWJH0:JQ528otc/3fhhde/

Score

1^/10

Malware Config

Signatures

Files

3874feb9c7a400f577ffa73a7ca1bfaf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12-03-2012 12:03

Not After

31-12-2039 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

3d:50:11:21:28:dc:e4:e9:e9:e1:ae:64:1e:92:0c:cb:27:2a:8d:39
Signer

Actual PE Digest

3d:50:11:21:28:dc:e4:e9:e9:e1:ae:64:1e:92:0c:cb:27:2a:8d:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetProcAddress
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

3d:50:11:21:28:dc:e4:e9:e9:e1:ae:64:1e:92:0c:cb:27:2a:8d:39Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

3d:50:11:21:28:dc:e4:e9:e9:e1:ae:64:1e:92:0c:cb:27:2a:8d:39
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB