389f4748fffc7eaa9632221e635714fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

389f4748fffc7eaa9632221e635714fa_JaffaCakes118
Size

17KB
MD5

389f4748fffc7eaa9632221e635714fa
SHA1

2629f54b3da36065b4205ac73ed3464d1d5405a5
SHA256

dd118ba3e20c9932511b41592e66d529be258205ad2e4723c87dcb4d1f6e2420
SHA512

f8882b40cbd2c014ac9a5460f7c1c53a58555a204968e7b27af4f89a0781fd2ab88fe002dab3551529245b5bebca840e6660c9bef053f2d3eac8cc931db8c265
SSDEEP

192:SvIB6/SNvyLsqP4KaX+4iyJZBnitG6VxUhh4WWieZWkbt:iiRpyLXaX+4ilxUhh4WWieZWw

Score

1^/10

Malware Config

Signatures

Files

389f4748fffc7eaa9632221e635714fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f81e6a44a508d1d3118e37a58efa8460

Code Sign

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7e
Certificate

Issuer

CN=63xrDo6ON5mS

Not Before

09/03/2012, 08:39

Not After

31/12/2039, 23:59

Subject

CN=63xrDo6ON5mS

Extended Key Usages

ExtKeyUsageCodeSigning

ee:39:10:2e:60:aa:80:99:31:dd:17:e7:3d:61:9d:bf:ab:97:67:a6
Signer

Actual PE Digest

ee:39:10:2e:60:aa:80:99:31:dd:17:e7:3d:61:9d:bf:ab:97:67:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetWindowsDirectoryW
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f81e6a44a508d1d3118e37a58efa8460

Code Sign

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7eCertificate

Extended Key Usages

ee:39:10:2e:60:aa:80:99:31:dd:17:e7:3d:61:9d:bf:ab:97:67:a6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 120B

.text4 Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7e
Certificate

ee:39:10:2e:60:aa:80:99:31:dd:17:e7:3d:61:9d:bf:ab:97:67:a6
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 120B

.text4
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB