5bad183e9d4d86dbd2d6aa613782c0c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5bad183e9d4d86dbd2d6aa613782c0c9_JaffaCakes118
Size

50KB
MD5

5bad183e9d4d86dbd2d6aa613782c0c9
SHA1

6f9faa604e92796c9a2def74f98bfb9dc369c2e6
SHA256

8589deeae76b8b2cd157ea6f0e6b8e6d1d5d167a4625fd3151aa8afb42b7ed87
SHA512

8a2ca81519b60fa8637236d7ff052593cd355429dcc17dc67b064c521585d1d1e5e6391c09e4e8719d1ab8ebd10b3e555e93e80e3a58267edf32d2c820e0ca1a
SSDEEP

768:vFPr2QXKx/JcaRLC9z+ZiVhgRbP0QRwSHU3AKXJRcIFeEAaVflntETqHaQwXXdw:vZgMSO+ZiVuR7qZQKXJRj8mPtsqhAq

Score

1^/10

Malware Config

Signatures

Files

5bad183e9d4d86dbd2d6aa613782c0c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93b5201d57470bdee489ff3f4140bac0

Code Sign

66:f5:86:02:15:dc:43:90:4b:07:f3:63:4d:1c:35:65
Certificate

Issuer

CN=Root Agency

Not Before

11/09/2009, 13:09

Not After

31/12/2039, 23:59

Subject

CN=hfdhccgd675675gfhgfrgh.kjkjjjhj,O=y,1.2.840.113549.1.9.1=#131872657364666667787273647866676368686a2e6f6c6b6867

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
VirtualFreeEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
CreateProcessA
GetModuleFileNameA
GetCurrentProcess
SetThreadContext
ResumeThread
GetThreadContext

advapi32.dll�

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

msvcrt.dll�

malloc
fclose
??3@YAXPAX@Z
fread
fseek
fopen
free

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CBtrl
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93b5201d57470bdee489ff3f4140bac0

Code Sign

66:f5:86:02:15:dc:43:90:4b:07:f3:63:4d:1c:35:65Certificate

Signer

Headers

File Characteristics

Imports

kernel32

advapi32.dll�

msvcrt.dll�

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.CBtrl Size: 41KB - Virtual size: 44KB

.w2 Size: 512B - Virtual size: 44B

66:f5:86:02:15:dc:43:90:4b:07:f3:63:4d:1c:35:65
Certificate

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.CBtrl
Size: 41KB - Virtual size: 44KB

.w2
Size: 512B - Virtual size: 44B