67857866c7e3bae42c4436b874071c4d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

67857866c7e3bae42c4436b874071c4d_JaffaCakes118
Size

17KB
MD5

67857866c7e3bae42c4436b874071c4d
SHA1

f00a4787eb6dcf92647619312bd33db2cb3ed8a7
SHA256

b3ef3d0f0b992c37056a8ec14071d4d6bd0a79f6823e98d7eda37cf2437e5b50
SHA512

cfb00ad3ffe8db026507739529dfebbc8de174e41811606e74719a1d9844f2a527fed02247ef89b09e0e47f807092f112930e14107c937ac97b0049e239daac2
SSDEEP

384:QZVQrnTKPAcGW/mLcyUMIxAhh4WWieZWpo:QZmTgAcZyR2yhhde7

Score

1^/10

Malware Config

Signatures

Files

67857866c7e3bae42c4436b874071c4d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

fd:ef:09:5b:f3:ec:d8:11:2f:2d:c5:ce:e4:c7:5f:79:d3:62:38:2e
Signer

Actual PE Digest

fd:ef:09:5b:f3:ec:d8:11:2f:2d:c5:ce:e4:c7:5f:79:d3:62:38:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetProcAddress
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

fd:ef:09:5b:f3:ec:d8:11:2f:2d:c5:ce:e4:c7:5f:79:d3:62:38:2eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

fd:ef:09:5b:f3:ec:d8:11:2f:2d:c5:ce:e4:c7:5f:79:d3:62:38:2e
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB