89d75160f19cc3c169a5c2aa35e2fa4a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89d75160f19cc3c169a5c2aa35e2fa4a_JaffaCakes118
Size

161KB
MD5

89d75160f19cc3c169a5c2aa35e2fa4a
SHA1

5efbb6d3a81dc62efc9f1ed1746c3aef4ab7100c
SHA256

8d2263a90acf2068871a8d51a10defd7df06d0f6909e62dc3cb1159a6a7a0e75
SHA512

de195046643571f971c416bd47fd1d77a5b3a31746ae7eaacc5cb9db7b4026006a81de7c972b34626468b69eae1ae1254848663fcf3718369e4e63af35503bc7
SSDEEP

3072:eWKTFHAN8WibywwgMOhJSqbX3sZm3VI6uE:9KTt9ZsZmFI6X

Score

1^/10

Malware Config

Signatures

Files

89d75160f19cc3c169a5c2aa35e2fa4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

39:70:59:ab:49:df:56:b8:43:5f:b5:3e:59:d2:c3:e6
Certificate

Issuer

CN=882245792676296826226313766363632245793453325733564545189521919269462697541794436139699296936962559948323533313781314836392335311149772839527779846835

Not Before

12/07/2012, 05:47

Not After

31/12/2039, 23:59

Subject

CN=882245792676296826226313766363632245793453325733564545189521919269462697541794436139699296936962559948323533313781314836392335311149772839527779846835

Extended Key Usages

ExtKeyUsageCodeSigning

e5:8a:4a:88:c5:71:b9:d9:61:19:34:68:9f:f4:94:7a:bb:33:70:cd
Signer

Actual PE Digest

e5:8a:4a:88:c5:71:b9:d9:61:19:34:68:9f:f4:94:7a:bb:33:70:cd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetModuleHandleA
GetProcAddress
CloseHandle
GetWindowsDirectoryW
CreateFileW
VirtualAllocEx

user32

LoadIconA

advapi32

RegOpenKeyW
RegCloseKey

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

39:70:59:ab:49:df:56:b8:43:5f:b5:3e:59:d2:c3:e6Certificate

Extended Key Usages

e5:8a:4a:88:c5:71:b9:d9:61:19:34:68:9f:f4:94:7a:bb:33:70:cdSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 142KB - Virtual size: 141KB

.data Size: 10KB - Virtual size: 10KB

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 220B

39:70:59:ab:49:df:56:b8:43:5f:b5:3e:59:d2:c3:e6
Certificate

e5:8a:4a:88:c5:71:b9:d9:61:19:34:68:9f:f4:94:7a:bb:33:70:cd
Signer

.text
Size: 142KB - Virtual size: 141KB

.data
Size: 10KB - Virtual size: 10KB

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 220B