3b7c6f575559438c0aa1f542f552a51c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b7c6f575559438c0aa1f542f552a51c_JaffaCakes118
Size

443KB
MD5

3b7c6f575559438c0aa1f542f552a51c
SHA1

0905273e9baaf206b615cb05772b69d87d2df8f6
SHA256

3f5574ff32bf5b925621467d5db0874e7d9dd284dd3ad5dcb7c10b3d29e3f3ec
SHA512

f24be3484d46f2cb78f4e1958de5e6632a425e27d697e954e3a1c56be3ebdbf074fe179fdf3fd7d6ec7e9b563f02e6bd4447062d093c121283a8667162b48dd9
SSDEEP

6144:rtgE98w6cgTIxJjdyHJ3O849c3KKI2+Z0QPn0y1w9C+IvIoo2IKpwCRTA:BXqrs7jKxn49PgQPnfwIZJo28O8

Score

1^/10

Malware Config

Signatures

Files

3b7c6f575559438c0aa1f542f552a51c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c90d6a6f9db3812760da27b7daa02c1c

Code Sign

56:73:d6:a7:0d:da:50:a3:47:ae:e0:41:7e:b5:04:85
Certificate

Issuer

CN=glzqsrktkgi

Not Before

12-01-2012 17:09

Not After

31-12-2039 23:59

Subject

CN=Penokol

59:0a:9c:9b:ee:d1:54:54:8c:b2:24:05:05:9e:99:78:71:27:32:19
Signer

Actual PE Digest

59:0a:9c:9b:ee:d1:54:54:8c:b2:24:05:05:9e:99:78:71:27:32:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfileOnILockBytes
OleCreateStaticFromData
OleSaveToStream
StgOpenStorageEx
WriteClassStg
OleCreate
CoRegisterMessageFilter
CreateOleAdviseHolder
CoMarshalHresult
MkParseDisplayName
OleCreateMenuDescriptor
CoTreatAsClass
SetConvertStg
OleCreateLinkFromDataEx

kernel32

GetModuleFileNameA
HeapReAlloc
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LoadLibraryA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rqxulg
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c90d6a6f9db3812760da27b7daa02c1c

Code Sign

56:73:d6:a7:0d:da:50:a3:47:ae:e0:41:7e:b5:04:85Certificate

59:0a:9c:9b:ee:d1:54:54:8c:b2:24:05:05:9e:99:78:71:27:32:19Signer

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 94KB

.rqxulg Size: 403KB - Virtual size: 403KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

56:73:d6:a7:0d:da:50:a3:47:ae:e0:41:7e:b5:04:85
Certificate

59:0a:9c:9b:ee:d1:54:54:8c:b2:24:05:05:9e:99:78:71:27:32:19
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 94KB

.rqxulg
Size: 403KB - Virtual size: 403KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB