5ca4c482f4123f58ca848d1ee13c24ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ca4c482f4123f58ca848d1ee13c24ae_JaffaCakes118
Size

60KB
MD5

5ca4c482f4123f58ca848d1ee13c24ae
SHA1

80e675ab6a82e8e8c3757d057888a6a11079b77a
SHA256

cc341a3697f8f123cc99f12455d090bec514a5a63998be5b01cdea25f30287c6
SHA512

e1491fe9bad42a643028bd4c0762a9ab92c83b1b58107053ca74565284bef0941f7c4bc24dc69393c61d52ffc413913e2d12a81e9e8aaae99ea594f24e0d64fb
SSDEEP

768:xnkoaEY/dhd5VgYu+wL63E9KNReAeU4vVoDkOu/KR68bUiUrbTbl4bB/M8WE:xVaRhd5VgAw+3E96v4vVKAK8e5F/WE

Score

1^/10

Malware Config

Signatures

Files

5ca4c482f4123f58ca848d1ee13c24ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93b5201d57470bdee489ff3f4140bac0

Code Sign

05:a5:21:db:a1:89:4c:5f:b8:20:5e:5d:05:ef:9e:ca
Certificate

Issuer

CN=Root dddddd

Not Before

02/12/2009, 11:32

Not After

31/12/2039, 23:59

Subject

CN=trsfs.fgs,O=y,1.2.840.113549.1.9.1=#130a6361666763612e6a6f70

66:41:9b:7b:5a:ce:3d:d1:cf:09:cd:2e:f4:28:dd:b1:35:6a:3c:ff
Signer

Actual PE Digest

66:41:9b:7b:5a:ce:3d:d1:cf:09:cd:2e:f4:28:dd:b1:35:6a:3c:ff

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
VirtualFreeEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
CreateProcessA
GetModuleFileNameA
GetCurrentProcess
SetThreadContext
ResumeThread
GetThreadContext

advapi32.dll�

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

msvcrt.dll�

malloc
fclose
??3@YAXPAX@Z
fread
fseek
fopen
free

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cw
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CBtrl
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sha
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93b5201d57470bdee489ff3f4140bac0

Code Sign

05:a5:21:db:a1:89:4c:5f:b8:20:5e:5d:05:ef:9e:caCertificate

66:41:9b:7b:5a:ce:3d:d1:cf:09:cd:2e:f4:28:dd:b1:35:6a:3c:ffSigner

Headers

File Characteristics

Imports

kernel32

advapi32.dll�

msvcrt.dll�

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.cw Size: 512B - Virtual size: 512B

.CBtrl Size: 51KB - Virtual size: 52KB

.sha Size: 512B - Virtual size: 44B

05:a5:21:db:a1:89:4c:5f:b8:20:5e:5d:05:ef:9e:ca
Certificate

66:41:9b:7b:5a:ce:3d:d1:cf:09:cd:2e:f4:28:dd:b1:35:6a:3c:ff
Signer

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.cw
Size: 512B - Virtual size: 512B

.CBtrl
Size: 51KB - Virtual size: 52KB

.sha
Size: 512B - Virtual size: 44B