4795570a43616f70d5a9b84293219940_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4795570a43616f70d5a9b84293219940_JaffaCakes118
Size

161KB
MD5

4795570a43616f70d5a9b84293219940
SHA1

ecf4d50e29513e91778319012c648dea805e491c
SHA256

8b9e2bbbe9e75c21606bce90f9d4fc1656dcadafa80413475b79195938edc7fe
SHA512

90c5b7fc487833fec689a48a2bab53b7fcd7da082a019e9e8a868a5779f8648675092987ce4ea33cd2e9ba9f37bc3761e90c1206824f666c6f9b62164c9ca5d6
SSDEEP

3072:JOb71HC7v47zhfNpmHMiSyG40Vp2wZU7P3GP:wb7OmyGJp2F7P3M

Score

1^/10

Malware Config

Signatures

Files

4795570a43616f70d5a9b84293219940_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8e
Certificate

Issuer

CN=829915296348636797555212219712666822675899223796878297237912889199175292879833164624961537337353648646919121742494647685797136953259976244853433765316

Not Before

11-07-2012 07:51

Not After

31-12-2039 23:59

Subject

CN=829915296348636797555212219712666822675899223796878297237912889199175292879833164624961537337353648646919121742494647685797136953259976244853433765316

Extended Key Usages

ExtKeyUsageCodeSigning

a1:84:7c:50:55:28:d4:a0:26:45:b0:75:4a:a9:5b:e5:c9:2d:bb:f6
Signer

Actual PE Digest

a1:84:7c:50:55:28:d4:a0:26:45:b0:75:4a:a9:5b:e5:c9:2d:bb:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetModuleHandleA
GetProcAddress
CloseHandle
GetWindowsDirectoryW
CreateFileW
VirtualAllocEx

user32

LoadIconA

advapi32

RegOpenKeyW
RegCloseKey

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8eCertificate

Extended Key Usages

a1:84:7c:50:55:28:d4:a0:26:45:b0:75:4a:a9:5b:e5:c9:2d:bb:f6Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 142KB - Virtual size: 141KB

.data Size: 10KB - Virtual size: 10KB

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 220B

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8e
Certificate

a1:84:7c:50:55:28:d4:a0:26:45:b0:75:4a:a9:5b:e5:c9:2d:bb:f6
Signer

.text
Size: 142KB - Virtual size: 141KB

.data
Size: 10KB - Virtual size: 10KB

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 220B