6a9fc8bc9b579dedcbf45e5f38e2c7a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a9fc8bc9b579dedcbf45e5f38e2c7a4_JaffaCakes118
Size

17KB
MD5

6a9fc8bc9b579dedcbf45e5f38e2c7a4
SHA1

792a0040d2bafea54bd322864867080e2269ab19
SHA256

708f6db4c2d0b851ad19bbcd984ab0eacaf32bb75ad0b6ecd864498b4a4bfc75
SHA512

f26a6516c230698ffe38e5f45b131b146f53f62db5edef7a20700ad0b7faa7247a88b8ff2be8fd3144e2e944d28318ff23fbb13713dd1de235ae84941d27ea58
SSDEEP

384:PGf4AgIpyLyaZ4E8mYlXU5m9x1hh4WWieZWGk:PGlC4E8mYlB9/hhdeE

Score

1^/10

Malware Config

Signatures

Files

6a9fc8bc9b579dedcbf45e5f38e2c7a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

4d:d2:78:61:3f:c4:56:a1:cc:78:46:b2:4a:75:12:cb:b1:93:2e:29
Signer

Actual PE Digest

4d:d2:78:61:3f:c4:56:a1:cc:78:46:b2:4a:75:12:cb:b1:93:2e:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetProcAddress
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a8c1a22af742cf174436f1195d7c570

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

4d:d2:78:61:3f:c4:56:a1:cc:78:46:b2:4a:75:12:cb:b1:93:2e:29Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

4d:d2:78:61:3f:c4:56:a1:cc:78:46:b2:4a:75:12:cb:b1:93:2e:29
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB