715866e17f743e44990d0b58d76cd59e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

715866e17f743e44990d0b58d76cd59e_JaffaCakes118
Size

350KB
MD5

715866e17f743e44990d0b58d76cd59e
SHA1

06c664b19b0b0673d6936d9db39bbed57da8b155
SHA256

2351744e10b6036669001ae3e41ab94b334dd0ab1b774eaace1db05fed38140a
SHA512

c4ef0c46de16af7a704edff72bd4b1b4be1d774a0ce19d527b11427121dccd8778988f9a656a3cca4ebf7a217490f2353e3b6b76df6e755c32a56ee80ee933db
SSDEEP

6144:LHEYhSrsLh7fQoYh9OHLRv1CimffXocb0tuh/4V4Gqp:bnMoLzH1v2ffXoAWu9C4Gqp

Score

1^/10

Malware Config

Signatures

Files

715866e17f743e44990d0b58d76cd59e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

113cc3b3314cd98bced1841e2fe9dd38

Code Sign

3a:84:1b:8a:ca:db:0e:95:4e:60:a5:ed:2f:3d:2d:5a
Certificate

Issuer

CN=ktezenjoxnv

Not Before

18/01/2012, 07:42

Not After

31/12/2039, 23:59

Subject

CN=Okiuytr

89:d9:47:40:54:f7:30:7d:fc:17:fc:7a:2a:69:db:24:f3:4c:75:b4
Signer

Actual PE Digest

89:d9:47:40:54:f7:30:7d:fc:17:fc:7a:2a:69:db:24:f3:4c:75:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

PropStgNameToFmtId
ReadClassStm
CoResumeClassObjects
OleSetMenuDescriptor
StgOpenStorageEx
IIDFromString
CoTaskMemFree
CoGetMarshalSizeMax
CoUninitialize
StringFromIID
CLSIDFromProgID
OleCreateFromFile
OleCreateLinkFromData
OleCreateEx

kernel32

GetStringTypeA
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
IsValidCodePage
GetUserDefaultLCID
HeapLock
GlobalLock
SetLocaleInfoA
GlobalReAlloc
VirtualFreeEx
MultiByteToWideChar
HeapCreate
GetStringTypeW
ReleaseMutex
OpenSemaphoreA
IsBadStringPtrA
GetStartupInfoA
GetProcAddress
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
LCMapStringA
LCMapStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sczg
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

113cc3b3314cd98bced1841e2fe9dd38

Code Sign

3a:84:1b:8a:ca:db:0e:95:4e:60:a5:ed:2f:3d:2d:5aCertificate

89:d9:47:40:54:f7:30:7d:fc:17:fc:7a:2a:69:db:24:f3:4c:75:b4Signer

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 506KB

.sczg Size: 298KB - Virtual size: 297KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 5KB - Virtual size: 5KB

3a:84:1b:8a:ca:db:0e:95:4e:60:a5:ed:2f:3d:2d:5a
Certificate

89:d9:47:40:54:f7:30:7d:fc:17:fc:7a:2a:69:db:24:f3:4c:75:b4
Signer

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 506KB

.sczg
Size: 298KB - Virtual size: 297KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 5KB - Virtual size: 5KB