67a3ed3c149033eb1cf155ec739b20c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67a3ed3c149033eb1cf155ec739b20c2_JaffaCakes118
Size

433KB
MD5

67a3ed3c149033eb1cf155ec739b20c2
SHA1

1ddb9bd2aeccf65cb572cabaae8899f7a0169351
SHA256

7f11c1aca6c038de247b3be3c5b6642360252b4582f3317e16dc82c0c78022a3
SHA512

adcd457d8b7fd3e0077ba23ae92271f8006f5f33f46f935e21de5bfd0f13be9ab8db7d0c3dc1d9fa98fb8bad4cde3e99193f6431e2fbc04177689020100c950e
SSDEEP

12288:rQfKjBo/DZv/RSEt9k6IdhWUv+N0pR6Bumb:rQCjBEDZvZSEt9k6chd6BVb

Score

1^/10

Malware Config

Signatures

Files

67a3ed3c149033eb1cf155ec739b20c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f42c258ba953dd8079483832b5c21dae

Code Sign

1b:12:9f:a4:78:04:cd:95:45:8e:20:34:bc:8c:fb:17
Certificate

Issuer

CN=exhoitrrepa

Not Before

02/12/2011, 19:36

Not After

11/08/2024, 22:00

Subject

CN=Nogitusa

dc:78:6d:ac:e5:9a:3d:56:0c:e9:ff:8b:02:93:2a:50:00:ae:95:d2
Signer

Actual PE Digest

dc:78:6d:ac:e5:9a:3d:56:0c:e9:ff:8b:02:93:2a:50:00:ae:95:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
SetSysColors
SetDlgItemTextA
EnumChildWindows
GetTopWindow
IsWindowVisible

ole32

OleSetMenuDescriptor
CoRevokeClassObject
CoResumeClassObjects

comctl32

CreateStatusWindowW

shlwapi

StrRChrIW
StrChrIW
StrStrA

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStringTypeW
GetOEMCP
GetACP
GetCPInfo
WriteFile
LoadLibraryA
LeaveCriticalSection
RtlUnwind
GetLastError
TlsGetValue
GetUserDefaultLangID
VirtualProtect
HeapLock
VirtualFreeEx
GetSystemDefaultLCID
GetFileSize
GetModuleHandleA
GetProcAddress
ExitProcess
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 298KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f42c258ba953dd8079483832b5c21dae

Code Sign

1b:12:9f:a4:78:04:cd:95:45:8e:20:34:bc:8c:fb:17Certificate

dc:78:6d:ac:e5:9a:3d:56:0c:e9:ff:8b:02:93:2a:50:00:ae:95:d2Signer

Headers

File Characteristics

Imports

user32

ole32

comctl32

shlwapi

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 298KB - Virtual size: 380KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 2KB

1b:12:9f:a4:78:04:cd:95:45:8e:20:34:bc:8c:fb:17
Certificate

dc:78:6d:ac:e5:9a:3d:56:0c:e9:ff:8b:02:93:2a:50:00:ae:95:d2
Signer

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 298KB - Virtual size: 380KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 2KB