63deac79a1c5a8a08c9d141824a8714d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63deac79a1c5a8a08c9d141824a8714d_JaffaCakes118
Size

311KB
MD5

63deac79a1c5a8a08c9d141824a8714d
SHA1

3239dd6ad647db954451b87358a782e8934a96bc
SHA256

dfc87a026b9554a6ad07f905ee7ed57307a75dd86574c9ac5276d7161706273e
SHA512

7cb3f3977d304202f9102f3d91552a83b99fe9ef4661e44d51faf5671633a3dfdd1fac5b7d3abdce8018450e1560c5dd5666fe2cc7067d767949cb9b3fd86916
SSDEEP

6144:hsbByhz9/wAS64AqKuGp2hpEwyI41gY9sU:hsBGtVSzwuu6CIE

Score

1^/10

Malware Config

Signatures

Files

63deac79a1c5a8a08c9d141824a8714d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

Issuer

CN=u65ykrty

Not Before

28/01/2012, 05:39

Not After

31/12/2039, 23:59

Subject

CN=u65ykrty

Extended Key Usages

ExtKeyUsageCodeSigning

2c:5c:71:c1:7a:d3:c6:e6:2d:f4:20:a9:73:36:31:81:47:de:e8:2f
Signer

Actual PE Digest

2c:5c:71:c1:7a:d3:c6:e6:2d:f4:20:a9:73:36:31:81:47:de:e8:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc

user32

LoadIconW

advapi32

RegOpenKeyExW

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26Certificate

Extended Key Usages

2c:5c:71:c1:7a:d3:c6:e6:2d:f4:20:a9:73:36:31:81:47:de:e8:2fSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 303KB - Virtual size: 302KB

.data Size: 1024B - Virtual size: 640B

.text5 Size: 512B - Virtual size: 32B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 164B

67:7b:0f:56:de:04:8d:a7:4e:a7:1f:99:23:cc:68:26
Certificate

2c:5c:71:c1:7a:d3:c6:e6:2d:f4:20:a9:73:36:31:81:47:de:e8:2f
Signer

.text
Size: 303KB - Virtual size: 302KB

.data
Size: 1024B - Virtual size: 640B

.text5
Size: 512B - Virtual size: 32B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 164B