a86d036d99188b1831b2fff416c3dc40_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a86d036d99188b1831b2fff416c3dc40_JaffaCakes118
Size

258KB
MD5

a86d036d99188b1831b2fff416c3dc40
SHA1

c437201e7c7f6c26f045b882d8f7d8f6b63432a7
SHA256

31f73240af90f9da0e0df2d42a8cafe788a731789068398de13b55192c2c9e72
SHA512

132a2bb3747e574cffaf0e377486f508c98395e87d4c5c349a389f6fbf40f42f44dd62f737543fd7f2663f8dddf716288e03fa7cf46a7278d22e15deefcb65ea
SSDEEP

6144:w5y3QDx4lPMV3Idu34qUyZTrVAKuTnbnTMZ1BsCtPtFBG9N:JSxae2uLDfzuTnPMZ1Dtqb

Score

1^/10

Malware Config

Signatures

Files

a86d036d99188b1831b2fff416c3dc40_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f6ce94993a3dde82ff9586226bcc84c

Code Sign

12:59:e7:bb:59:df:48:48:b1:e9:a9:bf:2e:fb:fd:26
Certificate

Issuer

CN=33188775184528842854769519987831242928526575769865653494421355221335513598563779447861493367823522126736573255644199776229399223932834716935716243916682682

Not Before

23/01/2013, 04:35

Not After

31/12/2039, 23:59

Subject

CN=33188775184528842854769519987831242928526575769865653494421355221335513598563779447861493367823522126736573255644199776229399223932834716935716243916682682

Extended Key Usages

ExtKeyUsageCodeSigning

83:3b:75:29:b1:a2:2a:d5:0f:32:73:3e:d3:d6:a1:0f:94:f2:84:08
Signer

Actual PE Digest

83:3b:75:29:b1:a2:2a:d5:0f:32:73:3e:d3:d6:a1:0f:94:f2:84:08

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

ShowWindow
LoadCursorA
LoadIconW

gdi32

GetStockObject

advapi32

GetUserNameW
StartServiceW
ReportEventW
RegisterEventSourceW
RegOpenKeyExA
QueryServiceStatus
OpenServiceW

msvcrt

_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_exit
_ftol
_initterm
_purecall
_vsnwprintf
_wcmdln
_wcsicmp
_wcslwr
_wcsnicmp
_wtoi
calloc
clearerr
exit
fclose
free
ftell
fwrite
isalpha
isspace
malloc
realloc
swprintf
swscanf
time
wcschr
wcscmp
wcscpy
wcslen
wcsncpy
wcsrchr
wcsstr

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ata4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f6ce94993a3dde82ff9586226bcc84c

Code Sign

12:59:e7:bb:59:df:48:48:b1:e9:a9:bf:2e:fb:fd:26Certificate

Extended Key Usages

83:3b:75:29:b1:a2:2a:d5:0f:32:73:3e:d3:d6:a1:0f:94:f2:84:08Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 232KB - Virtual size: 232KB

.data Size: 10KB - Virtual size: 10KB

ata4 Size: 512B - Virtual size: 100B

ata3 Size: 512B - Virtual size: 100B

ata2 Size: 512B - Virtual size: 100B

ata Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 1020B

12:59:e7:bb:59:df:48:48:b1:e9:a9:bf:2e:fb:fd:26
Certificate

83:3b:75:29:b1:a2:2a:d5:0f:32:73:3e:d3:d6:a1:0f:94:f2:84:08
Signer

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 232KB - Virtual size: 232KB

.data
Size: 10KB - Virtual size: 10KB

ata4
Size: 512B - Virtual size: 100B

ata3
Size: 512B - Virtual size: 100B

ata2
Size: 512B - Virtual size: 100B

ata
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 1020B