6968914726f75bd4afc7981e22809ffc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6968914726f75bd4afc7981e22809ffc_JaffaCakes118
Size

435KB
MD5

6968914726f75bd4afc7981e22809ffc
SHA1

c249e9bbff534747716c8be9d0d6be369dadd056
SHA256

e26213b6309b93554241fbd76f70c33fd6e464e3d845d1b506d32d307738a035
SHA512

f4f139cf16eaa88b6e2ee563acdf07b823946e54bb1178d13406becae78170a01ec990755e138c8de1215b144a2b1739c48af94c04675f85205c4d51f043930a
SSDEEP

12288:T6AYr85PNppSmGFIMUx2IuHvwqPyhwinS:T6Zr8jGmhx2vHvtPyhHS

Score

1^/10

Malware Config

Signatures

Files

6968914726f75bd4afc7981e22809ffc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cc63394ba36b167ee3b532cfbf59c4d

Code Sign

55:0d:6f:9b:be:9b:eb:57:ba:eb:87:9c:05:63:dc:0d
Certificate

Issuer

CN=fdixqpyknuq

Not Before

01/12/2011, 19:39

Not After

17/07/2019, 22:00

Subject

CN=Loretusa

59:82:86:ce:73:2f:ab:e0:7f:ed:59:57:64:72:48:77:e6:83:69:86
Signer

Actual PE Digest

59:82:86:ce:73:2f:ab:e0:7f:ed:59:57:64:72:48:77:e6:83:69:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
ArrangeIconicWindows
GetDlgItemTextA
GetParent
DeferWindowPos

ole32

OleGetIconOfClass
CoGetMarshalSizeMax
CoLockObjectExternal
BindMoniker
CoTreatAsClass

comctl32

InitializeFlatSB
InitCommonControlsEx
DestroyPropertySheetPage
ord5

urlmon

CreateFormatEnumerator

shlwapi

StrRStrIW

kernel32

GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeW
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
GetThreadLocale
CreateEventA
VirtualAlloc
IsBadWritePtr
CreateFileA
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cc63394ba36b167ee3b532cfbf59c4d

Code Sign

55:0d:6f:9b:be:9b:eb:57:ba:eb:87:9c:05:63:dc:0dCertificate

59:82:86:ce:73:2f:ab:e0:7f:ed:59:57:64:72:48:77:e6:83:69:86Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

urlmon

shlwapi

kernel32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 110KB - Virtual size: 109KB

.data Size: 296KB - Virtual size: 378KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

55:0d:6f:9b:be:9b:eb:57:ba:eb:87:9c:05:63:dc:0d
Certificate

59:82:86:ce:73:2f:ab:e0:7f:ed:59:57:64:72:48:77:e6:83:69:86
Signer

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 296KB - Virtual size: 378KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB