8e3cfb10e5fb4d417cc310eeba3bb206_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e3cfb10e5fb4d417cc310eeba3bb206_JaffaCakes118
Size

127KB
MD5

8e3cfb10e5fb4d417cc310eeba3bb206
SHA1

68007dc6ec1e7eda51f5cd0adee439b2c15ad2e0
SHA256

95b93756b5274d5cd48f4a0ae9f8ead93d5bd5918d866049280e82aa2cf7cf1b
SHA512

27eae5efe029211948a7950a7b497a60c28548273ed4d5f0da1ca20d169e6a3199fee426f0d599c7036dbb0bd8fc58b33ac2b224994c8c0a1e4dc2ccd4bc8c8f
SSDEEP

1536:9+sRklDFMzj97hUTUMpanM/DaiH5QHdhJrJSIYlysxPgUgmyGWI9OU0wiM0kn:8lDC6UM8MN5QRrzc2C9OSiM0kn

Score

1^/10

Malware Config

Signatures

Files

8e3cfb10e5fb4d417cc310eeba3bb206_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5343039bb297b649d3d7398fbb715b2

Code Sign

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7c
Certificate

Issuer

CN=fHyv

Not Before

06/06/2012, 07:29

Not After

31/12/2039, 23:59

Subject

CN=fHyv

Extended Key Usages

ExtKeyUsageCodeSigning

0d:1f:89:7f:2c:6b:1c:22:e4:08:46:b2:a7:9b:40:2c:0d:e7:18:ea
Signer

Actual PE Digest

0d:1f:89:7f:2c:6b:1c:22:e4:08:46:b2:a7:9b:40:2c:0d:e7:18:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
CloseHandle
VirtualAllocEx

gdi32

GetStockObject

advapi32

RegCloseKey

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5343039bb297b649d3d7398fbb715b2

Code Sign

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7cCertificate

Extended Key Usages

0d:1f:89:7f:2c:6b:1c:22:e4:08:46:b2:a7:9b:40:2c:0d:e7:18:eaSigner

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 91KB - Virtual size: 90KB

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 192B

6a:00:48:28:70:01:9e:6a:b0:eb:07:41:4f:31:65:7c
Certificate

0d:1f:89:7f:2c:6b:1c:22:e4:08:46:b2:a7:9b:40:2c:0d:e7:18:ea
Signer

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 91KB - Virtual size: 90KB

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 192B