8632fba1b66820a332fbd6abe2d830d5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8632fba1b66820a332fbd6abe2d830d5_JaffaCakes118
Size

17KB
MD5

8632fba1b66820a332fbd6abe2d830d5
SHA1

95be196c6ee33e716b2366333d50bb2fed564093
SHA256

ae5480e8faf39ef2547f372f8cbc858b3aa7f8f6fcb141eda7d0bf7695fd359b
SHA512

85356c100bff873fd03eb555d280dab05e8ef13833376382abf22d602b6f88bd6c236473d4d7c403bebbd055c477a9fae7a4759c60c49cc28f6efa03057dea3c
SSDEEP

192:TvIB6/SNvyLXqP4KaX+4iyJZBnitG6VxUhh4WWieZWVb:DiRpyLsaX+4ilxUhh4WWieZWl

Score

1^/10

Malware Config

Signatures

Files

8632fba1b66820a332fbd6abe2d830d5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f81e6a44a508d1d3118e37a58efa8460

Code Sign

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7e
Certificate

Issuer

CN=63xrDo6ON5mS

Not Before

09/03/2012, 08:39

Not After

31/12/2039, 23:59

Subject

CN=63xrDo6ON5mS

Extended Key Usages

ExtKeyUsageCodeSigning

43:e1:0d:24:f2:a2:b7:6d:ff:de:52:42:6e:64:05:24:64:c1:e1:7b
Signer

Actual PE Digest

43:e1:0d:24:f2:a2:b7:6d:ff:de:52:42:6e:64:05:24:64:c1:e1:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetWindowsDirectoryW
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f81e6a44a508d1d3118e37a58efa8460

Code Sign

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7eCertificate

Extended Key Usages

43:e1:0d:24:f2:a2:b7:6d:ff:de:52:42:6e:64:05:24:64:c1:e1:7bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 120B

.text4 Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

5c:2b:35:f0:80:92:c8:51:bc:9f:74:2a:0e:3f:f2:7e
Certificate

43:e1:0d:24:f2:a2:b7:6d:ff:de:52:42:6e:64:05:24:64:c1:e1:7b
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 120B

.text4
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB