5e44ceba0c983f5f57739e922c6cca84_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e44ceba0c983f5f57739e922c6cca84_JaffaCakes118
Size

430KB
MD5

5e44ceba0c983f5f57739e922c6cca84
SHA1

ea2c6422ba23bc50d8c3e1e5595206faea2608ac
SHA256

305c4e7165d53f37fe537c53c9067518dcc069e55f58473fcba607c5b5d665ba
SHA512

f0f84b809b5a2f5446c9c07a47805ecc5776b7b4bc3abcc36869c9bce6896b4a35a8693f21f9f85bb4efded6564723ffcfe4bacb743f82b1536fbdf06975a543
SSDEEP

6144:CDTdSgX2pzNsS1zQ23POLMp/rma2KP7WU38GyoMieE2+hFYa2gFIvW5fqjEm/3f6:4Tdp2sqPWLMpTHzWUMPE2MKaerXR4

Score

1^/10

Malware Config

Signatures

Files

5e44ceba0c983f5f57739e922c6cca84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1752fa668b5053383a04d4a3ec970f97

Code Sign

76:bf:5b:3b:c7:4e:a2:74:b5:24:f5:08:62:4f:a7:d0
Certificate

Issuer

CN=aqwobjgftoj

Not Before

09-12-2011 15:22

Not After

15-08-2022 22:00

Subject

CN=Genopik

0c:8e:bf:3d:f5:2e:18:7f:7c:00:4b:95:fe:13:d7:a5:b1:27:85:bb
Signer

Actual PE Digest

0c:8e:bf:3d:f5:2e:18:7f:7c:00:4b:95:fe:13:d7:a5:b1:27:85:bb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseWindow
ArrangeIconicWindows
GetClientRect
EndDeferWindowPos
GetDlgCtrlID

ole32

CoFreeAllLibraries
GetRunningObjectTable
CreateClassMoniker
OleGetIconOfClass

advapi32

RegCreateKeyExA
RegCreateKeyA
RegReplaceKeyA

kernel32

LCMapStringA
MultiByteToWideChar
LoadLibraryA
LCMapStringW
GetACP
GetCPInfo
WriteFile
GetStringTypeA
GetStringTypeW
GetOEMCP
LeaveCriticalSection
GetCPInfoExA
CreateSemaphoreA
HeapAlloc
WriteProfileSectionA
GetPrivateProfileSectionA
GetModuleHandleA
GetProcAddress
ExitProcess
GetLastError
HeapValidate
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
RtlUnwind

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

johfh
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdaj
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1752fa668b5053383a04d4a3ec970f97

Code Sign

76:bf:5b:3b:c7:4e:a2:74:b5:24:f5:08:62:4f:a7:d0Certificate

0c:8e:bf:3d:f5:2e:18:7f:7c:00:4b:95:fe:13:d7:a5:b1:27:85:bbSigner

Headers

File Characteristics

Imports

user32

ole32

advapi32

kernel32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 90KB

johfh Size: 287KB - Virtual size: 287KB

sdaj Size: 111KB - Virtual size: 110KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 2KB

76:bf:5b:3b:c7:4e:a2:74:b5:24:f5:08:62:4f:a7:d0
Certificate

0c:8e:bf:3d:f5:2e:18:7f:7c:00:4b:95:fe:13:d7:a5:b1:27:85:bb
Signer

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 90KB

johfh
Size: 287KB - Virtual size: 287KB

sdaj
Size: 111KB - Virtual size: 110KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 2KB