ab09554db5716870e7f00df9bcd8cee4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab09554db5716870e7f00df9bcd8cee4_JaffaCakes118
Size

445KB
MD5

ab09554db5716870e7f00df9bcd8cee4
SHA1

a2b904bae984321c3bac0c06df9bd72066a7ad40
SHA256

84ef068bda84e0d4bb042fd9d49268d6aedf151155f6d98f59523b51dffc59e2
SHA512

4ae81a7f408b4575e225412ebb1e4adb2bbcae28c40a904f0dd8faecc74845d73e86f2b6b3f12e0dbdae52fff4020b4280882bdc0de6c4970fcf60b4afdf62f9
SSDEEP

12288:+3icGWVh9vHrXuUwS3Xr2xNiEec6S6ME4CG0Q+1A0/8l5:+SQlLXuUwSHUecjx0d1APl5

Score

1^/10

Malware Config

Signatures

Files

ab09554db5716870e7f00df9bcd8cee4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f5f69997c2f46665da3396721bff46e

Code Sign

27:69:65:c9:d4:62:47:6c:bb:b5:9a:0b:8c:10:2c:29
Certificate

Issuer

CN=azmkozmumgy

Not Before

22/01/2012, 19:03

Not After

31/12/2039, 23:59

Subject

CN=Kiretj

18:da:3f:95:cc:31:e7:b5:03:ad:80:3b:61:3a:2a:9e:00:97:4d:ae
Signer

Actual PE Digest

18:da:3f:95:cc:31:e7:b5:03:ad:80:3b:61:3a:2a:9e:00:97:4d:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreatePropSetStg
SetConvertStg
FmtIdToPropStgName
CoGetClassObject
OleCreateDefaultHandler
CoRevokeClassObject
OleDuplicateData
IsAccelerator
GetRunningObjectTable
OleBuildVersion
OleCreateMenuDescriptor
CLSIDFromProgID
CoGetCurrentProcess
CoGetMalloc

kernel32

GetModuleFileNameA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CompareStringW
CompareStringA
WaitForSingleObject
HeapDestroy
VirtualUnlock
GetOEMCP
OpenSemaphoreA
HeapWalk
HeapValidate
GetSystemDefaultLangID
LocalFree
WideCharToMultiByte
GetStartupInfoA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEnvironmentVariableW
TerminateProcess
GetCurrentProcess
SetEnvironmentVariableA
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
GetCPInfo
GetACP
LoadLibraryA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f5f69997c2f46665da3396721bff46e

Code Sign

27:69:65:c9:d4:62:47:6c:bb:b5:9a:0b:8c:10:2c:29Certificate

18:da:3f:95:cc:31:e7:b5:03:ad:80:3b:61:3a:2a:9e:00:97:4d:aeSigner

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 405KB - Virtual size: 495KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

27:69:65:c9:d4:62:47:6c:bb:b5:9a:0b:8c:10:2c:29
Certificate

18:da:3f:95:cc:31:e7:b5:03:ad:80:3b:61:3a:2a:9e:00:97:4d:ae
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 405KB - Virtual size: 495KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB