62e7fed033759a83c9a2ee1a52f7faf1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62e7fed033759a83c9a2ee1a52f7faf1_JaffaCakes118
Size

18KB
MD5

62e7fed033759a83c9a2ee1a52f7faf1
SHA1

119f501f5ed714e2d5aa0cc04c310df3e3fe5687
SHA256

69e258c32a899f86f7ef4718482679917f4df7825640e9ceeee5e0c81310e7c3
SHA512

7ee6b149ca5dad01112b11e429c448083aad80607936ecff14a830378d31dc7e9df5f965e2ffdd459252be9bfd1ab3f3e20ba429aa11f22bb18ee2c4ddf8577f
SSDEEP

192:iSivzPoB4qwMRX0SFavyAKEsgs+MrPXAdn6pIjwT3wZKlND3koxYcN8m:iSyEB4qw4X0SFavLKEfervAdn6S8TeEZ

Score

1^/10

Malware Config

Signatures

Files

62e7fed033759a83c9a2ee1a52f7faf1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b580eb8eded1aa895fe14bf06a760bb2

Code Sign

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43
Certificate

Issuer

CN=551212512

Not Before

12/02/2012, 09:34

Not After

31/12/2039, 23:59

Subject

CN=551212512

Extended Key Usages

ExtKeyUsageCodeSigning

5c:c4:4a:01:e4:7e:9a:b1:5e:da:5e:a1:17:c3:31:45:a8:d9:bc:4e
Signer

Actual PE Digest

5c:c4:4a:01:e4:7e:9a:b1:5e:da:5e:a1:17:c3:31:45:a8:d9:bc:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapA

advapi32

RegOpenKeyExA

shlwapi

UrlCompareA
wvnsprintfA
UrlUnescapeW
ChrCmpIW
ColorAdjustLuma
GetMenuPosFromID
PathAddBackslashW
PathAddExtensionA
PathCombineW
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathExA
PathCompactPathExW
PathCompactPathW
PathFindFileNameA
PathFindNextComponentA
PathFindSuffixArrayW
PathGetDriveNumberA
PathGetDriveNumberW
PathIsDirectoryA
PathIsFileSpecW
PathIsLFNFileSpecA
PathIsNetworkPathA
PathIsPrefixW
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderA
PathIsSystemFolderW
PathIsUNCServerA
PathIsUNCServerShareA
PathIsURLW
PathMakeSystemFolderA
PathMatchSpecA
PathMatchSpecW
PathParseIconLocationW
PathQuoteSpacesA
PathRemoveFileSpecA
PathSearchAndQualifyW
PathSetDlgItemPathW
PathStripToRootA
PathStripToRootW
PathUndecorateA
PathUnmakeSystemFolderW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHCopyKeyA
SHCreateStreamOnFileA
SHDeleteEmptyKeyA
SHDeleteValueA
SHEnumKeyExA
SHEnumValueW
SHGetInverseCMAP
SHGetValueA
SHIsLowMemoryMachine
SHOpenRegStream2A
SHQueryInfoKeyW
SHQueryValueExW
SHRegDeleteEmptyUSKeyW
SHRegEnumUSKeyW
SHRegGetBoolUSValueA
SHRegGetUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegWriteUSValueW
SHSetValueA
StrCatW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCpyNW
StrIsIntlEqualA
StrNCatA
StrRChrA
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBufA
StrSpnA
StrToIntW
UrlApplySchemeW
UrlCombineA
UrlCombineW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b580eb8eded1aa895fe14bf06a760bb2

Code Sign

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43Certificate

Extended Key Usages

5c:c4:4a:01:e4:7e:9a:b1:5e:da:5e:a1:17:c3:31:45:a8:d9:bc:4eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 800B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 88B

.rsrc Size: 2KB - Virtual size: 1KB

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43
Certificate

5c:c4:4a:01:e4:7e:9a:b1:5e:da:5e:a1:17:c3:31:45:a8:d9:bc:4e
Signer

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 800B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 88B

.rsrc
Size: 2KB - Virtual size: 1KB