7007e9cc8858ac2cece22d5809aa916f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7007e9cc8858ac2cece22d5809aa916f_JaffaCakes118
Size

338KB
MD5

7007e9cc8858ac2cece22d5809aa916f
SHA1

8574e6f4efbf4b333813315490c21d48f1c3fb52
SHA256

c7d9f5e3e1d04e0898370832ee7239a601a08f684d3a824d931ee10fb23684d8
SHA512

6950b53a85b2ea27750fc5e3360466d6d73a2a3d0c70de9da1dd8fa9081c9b4476125fd3af58eb5b4dc68e3b07f4113d969b39525c6434c90ca887c8435d1a7d
SSDEEP

6144:aEovqn1lE71SKm/EeBnDlwFQhPu4yl2WWad19978i6tF57tDQhNiCfpxghdT+2:/n1271rheBBKyW9dDfuvBshNicTgjT+2

Score

1^/10

Malware Config

Signatures

Files

7007e9cc8858ac2cece22d5809aa916f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb7d1ee638d0017515d511340a236a13

Code Sign

0a:60:45:e7:dd:ff:1e:72:b3:30:11:07:ae:f3:e0:c6
Certificate

Issuer

CN=lyfwhqaqxkf

Not Before

18/06/2012, 11:35

Not After

31/12/2039, 23:59

Subject

CN=Jerani

a3:22:fd:77:e3:e4:92:be:87:4e:c6:a4:bb:38:50:e0:85:9e:92:ad
Signer

Actual PE Digest

a3:22:fd:77:e3:e4:92:be:87:4e:c6:a4:bb:38:50:e0:85:9e:92:ad

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowUnicode
DestroyWindow
GetSysColor
MoveWindow
FindWindowExA
GetTopWindow
SetDlgItemTextA
SetSysColors
IsDialogMessageA
ArrangeIconicWindows
BringWindowToTop
SetWindowPlacement
IsChild
IsWindowVisible

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegUnLoadKeyA
RegReplaceKeyA
RegLoadKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue

kernel32

GetCurrentProcessId
SetEvent
SuspendThread
CloseHandle
ResumeThread
GetCommandLineA
GetStartupInfoA
GetHandleInformation
DeleteFileA
GetCurrentProcess
VirtualAlloc
GetModuleHandleA
GetComputerNameA
ResetEvent
GetPrivateProfileSectionA
WriteProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetProcAddress
SetHandleInformation

winspool.drv

EnumPrinterDataA
DeletePrinterConnectionA
AdvancedDocumentPropertiesA
ConfigurePortA
AbortPrinter
DeleteFormA
ClosePrinter
AddJobA
DeletePrinterDataA
DeletePrinter
AddFormA
ConnectToPrinterDlg
AddPrinterConnectionA
AddPrinterA

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb7d1ee638d0017515d511340a236a13

Code Sign

0a:60:45:e7:dd:ff:1e:72:b3:30:11:07:ae:f3:e0:c6Certificate

a3:22:fd:77:e3:e4:92:be:87:4e:c6:a4:bb:38:50:e0:85:9e:92:adSigner

Headers

File Characteristics

Imports

user32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 512B - Virtual size: 95KB

.rsrc Size: 5KB - Virtual size: 5KB

0a:60:45:e7:dd:ff:1e:72:b3:30:11:07:ae:f3:e0:c6
Certificate

a3:22:fd:77:e3:e4:92:be:87:4e:c6:a4:bb:38:50:e0:85:9e:92:ad
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 512B - Virtual size: 95KB

.rsrc
Size: 5KB - Virtual size: 5KB