8b14aec7e1c6a1e5279ae095db256141_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b14aec7e1c6a1e5279ae095db256141_JaffaCakes118
Size

348KB
MD5

8b14aec7e1c6a1e5279ae095db256141
SHA1

fac5fa4a61c828240b2da2be8f2cf6b7efb49e59
SHA256

1885d38fc407bf0adc8f98a5b0ba2ef9b3c781edc277219068508c35ac8032b7
SHA512

4cf6daee22f31c8fb5f8d443b913bdba408afc9c5d02e7d33f06c23e90c0693cd4c703a1c8dee733b952f1b02501d9c589658733f7fe33434e78caf6bd50d084
SSDEEP

6144:uQ3ZkpkYYjQy5A69LmEO5FXjKmtNbjKBj06JlIsDFEjEjKlfZW:xlEy5N/O5Z+mtNXKBj06wWE4KZW

Score

1^/10

Malware Config

Signatures

Files

8b14aec7e1c6a1e5279ae095db256141_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65b77e73ef130f84834d0a5d16b50acd

Code Sign

24:de:0d:f7:ff:b0:a6:b9:49:65:b0:da:1e:92:84:0b
Certificate

Issuer

CN=xqmciqicqtw

Not Before

15/12/2011, 13:16

Not After

22/02/2017, 22:00

Subject

CN=Lokinet

5d:49:e4:c7:27:52:7c:00:86:79:b2:c3:9e:a0:1b:68:a7:c1:52:d0
Signer

Actual PE Digest

5d:49:e4:c7:27:52:7c:00:86:79:b2:c3:9e:a0:1b:68:a7:c1:52:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxExA
AdjustWindowRectEx
IsChild
CreateDialogIndirectParamA
GetParent

ole32

CoMarshalHresult
CoRegisterMallocSpy
CoGetClassObject
StringFromIID
OleDoAutoConvert

oleaut32

CreateTypeLib2

kernel32

GetCurrentThreadId
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
CreateProcessA
CloseHandle
WaitForSingleObject
GetExitCodeProcess
HeapReAlloc
HeapUnlock
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetFileAttributesA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

swwqlv
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pbllf
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65b77e73ef130f84834d0a5d16b50acd

Code Sign

24:de:0d:f7:ff:b0:a6:b9:49:65:b0:da:1e:92:84:0bCertificate

5d:49:e4:c7:27:52:7c:00:86:79:b2:c3:9e:a0:1b:68:a7:c1:52:d0Signer

Headers

File Characteristics

Imports

user32

ole32

oleaut32

kernel32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 510KB

swwqlv Size: 201KB - Virtual size: 200KB

pbllf Size: 97KB - Virtual size: 96KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 3KB

24:de:0d:f7:ff:b0:a6:b9:49:65:b0:da:1e:92:84:0b
Certificate

5d:49:e4:c7:27:52:7c:00:86:79:b2:c3:9e:a0:1b:68:a7:c1:52:d0
Signer

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 510KB

swwqlv
Size: 201KB - Virtual size: 200KB

pbllf
Size: 97KB - Virtual size: 96KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 3KB