84cce0da6b965717d935045e030b49a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84cce0da6b965717d935045e030b49a8_JaffaCakes118
Size

415KB
MD5

84cce0da6b965717d935045e030b49a8
SHA1

6628214b312d8105c0484d47997a13b7c669d224
SHA256

c3aafae4fdfd9967249fec02ee7757bf0f078f89559d696f15cd908478e23137
SHA512

20403aaaf1ad5b7b591ca258164af623ec25355461f7942aca8827e2564620c1c5cadd1231a996553802c58a10b48af35f7124e28daa728dbf0995e8bd389bed
SSDEEP

6144:De+uI3QRsDG2fXaRxvyQ3mdtanb3kdK7Odn9HYyFkccwD:yLuiM5Xgxh30u3kmOdn9HYpe

Score

1^/10

Malware Config

Signatures

Files

84cce0da6b965717d935045e030b49a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b45cab19c3974c43325fbd6c06f9dd9

Code Sign

7e:af:c1:9b:71:c8:f6:4c:b4:bd:a7:52:f7:13:ac:27
Certificate

Issuer

CN=Root Agency

Not Before

11/11/2011, 19:13

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

81:b3:aa:8e:b1:f2:22:3e:d1:3b:43:cd:a5:61:ac:79:8e:0a:55:1c
Signer

Actual PE Digest

81:b3:aa:8e:b1:f2:22:3e:d1:3b:43:cd:a5:61:ac:79:8e:0a:55:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
FindWindowA
RegisterWindowMessageA

oledlg

ord1
ord6
ord5
ord12
ord8

msvcrt

_acmdln
exit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
__getmainargs

kernel32

GetStartupInfoA
ExitProcess
GetProcAddress
GetModuleHandleA
LocalAlloc
GetCurrencyFormatA
OpenEventA
SetEvent
GlobalSize
VirtualFreeEx
GetACP
VirtualLock

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gvq
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b45cab19c3974c43325fbd6c06f9dd9

Code Sign

7e:af:c1:9b:71:c8:f6:4c:b4:bd:a7:52:f7:13:ac:27Certificate

81:b3:aa:8e:b1:f2:22:3e:d1:3b:43:cd:a5:61:ac:79:8e:0a:55:1cSigner

Headers

File Characteristics

Imports

user32

oledlg

msvcrt

kernel32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1024B - Virtual size: 890B

.data Size: 267KB - Virtual size: 347KB

gvq Size: 128KB - Virtual size: 127KB

.rsrc Size: 5KB - Virtual size: 5KB

7e:af:c1:9b:71:c8:f6:4c:b4:bd:a7:52:f7:13:ac:27
Certificate

81:b3:aa:8e:b1:f2:22:3e:d1:3b:43:cd:a5:61:ac:79:8e:0a:55:1c
Signer

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1024B - Virtual size: 890B

.data
Size: 267KB - Virtual size: 347KB

gvq
Size: 128KB - Virtual size: 127KB

.rsrc
Size: 5KB - Virtual size: 5KB