8ba7b9548cccf3572d55df72f77f6920_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8ba7b9548cccf3572d55df72f77f6920_JaffaCakes118
Size

428KB
MD5

8ba7b9548cccf3572d55df72f77f6920
SHA1

2866f69f741231907963d8b44a24cf04341c3b8b
SHA256

0dc5e3dc322158c25d8e1ba50fd16e4aae4133dc1c7d382ef0ac76abb5eb232c
SHA512

c8fb00ce4bd3fbaddcc8e25f63cc25daf1c2c0eef6b65da989db89e82c7389eb322c45070851d2eee98c25b93caf90768f6d380cc1267c85928fa4a258852801
SSDEEP

12288:fY8s54WF02WUjANR8940oyolxStPqAX+diHsqRL2:fY8skJUMN8oyR5ews02

Score

1^/10

Malware Config

Signatures

Files

8ba7b9548cccf3572d55df72f77f6920_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4208202c7872e4bcf5a458864d6a582

Code Sign

6f:7b:bd:9a:41:99:1a:4f:b4:3a:7b:3d:ab:a4:c0:4e
Certificate

Issuer

CN=qbepiombava

Not Before

27-01-2012 20:22

Not After

31-12-2039 23:59

Subject

CN=Jervop

5a:f2:d9:69:ce:32:1b:74:09:c4:b7:54:60:df:da:db:9c:db:bc:92
Signer

Actual PE Digest

5a:f2:d9:69:ce:32:1b:74:09:c4:b7:54:60:df:da:db:9c:db:bc:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreatePropSetStg
StgIsStorageILockBytes
BindMoniker
CoGetTreatAsClass
CreatePointerMoniker
OleCreateDefaultHandler
StgOpenStorage
CoCreateGuid
CLSIDFromProgID
StringFromCLSID
GetHGlobalFromILockBytes
OleRegEnumVerbs
CoDisconnectObject
GetRunningObjectTable

kernel32

TlsAlloc
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateEventA
GetStringTypeA
SetEvent
GetNumberFormatA
FoldStringA
LocalSize
VirtualProtectEx
GetOverlappedResult
GetLocaleInfoA
SetThreadLocale
GetSystemDefaultLCID
OpenEventA
GetModuleHandleA
GetProcAddress
GetLastError
DeleteFileW
MoveFileW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
GetStringTypeW
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4208202c7872e4bcf5a458864d6a582

Code Sign

6f:7b:bd:9a:41:99:1a:4f:b4:3a:7b:3d:ab:a4:c0:4eCertificate

5a:f2:d9:69:ce:32:1b:74:09:c4:b7:54:60:df:da:db:9c:db:bc:92Signer

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 403KB - Virtual size: 402KB

.data Size: 2KB - Virtual size: 85KB

.rsrc Size: 5KB - Virtual size: 5KB

6f:7b:bd:9a:41:99:1a:4f:b4:3a:7b:3d:ab:a4:c0:4e
Certificate

5a:f2:d9:69:ce:32:1b:74:09:c4:b7:54:60:df:da:db:9c:db:bc:92
Signer

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 403KB - Virtual size: 402KB

.data
Size: 2KB - Virtual size: 85KB

.rsrc
Size: 5KB - Virtual size: 5KB