46afd458c5afa7051516a79f32dffac9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46afd458c5afa7051516a79f32dffac9_JaffaCakes118
Size

16KB
MD5

46afd458c5afa7051516a79f32dffac9
SHA1

cef8ba518d3169757eeba0867f982610c01421ee
SHA256

d320a89f52d9d5f82b37b72f742e6fb968d1f12a8ea1535ef4b31b114e8bc6f9
SHA512

0d083ff97b801321a16614a3c3e9d353df939ae5c5e08316ccaf4200ffce35c8de3fd67a8f814926c93314889bcd4f1fd00f5f037574fcc3d7f4d20628d88921
SSDEEP

384:eQzsSvg4+Lpoypy98RseeTx1hh4WWieZWGp:eQQOApoypy9PeeT/hhdeV

Score

1^/10

Malware Config

Signatures

Files

46afd458c5afa7051516a79f32dffac9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

53:68:cc:1b:b9:3e:2f:7b:72:bf:80:19:da:67:a1:a2:d2:85:63:98
Signer

Actual PE Digest

53:68:cc:1b:b9:3e:2f:7b:72:bf:80:19:da:67:a1:a2:d2:85:63:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetProcAddress
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

53:68:cc:1b:b9:3e:2f:7b:72:bf:80:19:da:67:a1:a2:d2:85:63:98Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

53:68:cc:1b:b9:3e:2f:7b:72:bf:80:19:da:67:a1:a2:d2:85:63:98
Signer

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB