ade8b7109491a576ef9e33c6ad175e3d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ade8b7109491a576ef9e33c6ad175e3d_JaffaCakes118
Size

297KB
MD5

ade8b7109491a576ef9e33c6ad175e3d
SHA1

5ce75d4b306c42d294c33c3b76a6723c62544a33
SHA256

ffbd31ddd22c2abf5488b073474c61454f7bf6deb10260b7551245faf5e934e8
SHA512

dc0dce9c9af62dd5f60a0ad070e09c5dff1b85794e4c99096711dfad3c4144036d315c7ba50ff82bc22d02a658ba37f1823256b4334f86c3b0306ceffd485f38
SSDEEP

6144:WjhawZHWSIg118HWULKjC7hif1mO45x3VN0cp0cyIi:yljIaC7hy45x3ko0cyIi

Score

1^/10

Malware Config

Signatures

Files

ade8b7109491a576ef9e33c6ad175e3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f35cc01b7d289ed94070fed4042cb33d

Code Sign

4c:35:75:3f:cf:2a:de:ad:46:0c:1f:dd:50:bf:2e:14
Certificate

Issuer

CN=12361235123

Not Before

26-02-2012 20:29

Not After

31-12-2039 23:59

Subject

CN=12361235123

Extended Key Usages

ExtKeyUsageCodeSigning

c2:79:cb:98:a2:25:db:e6:51:a3:56:cb:b0:7f:05:ff:74:57:ff:7a
Signer

Actual PE Digest

c2:79:cb:98:a2:25:db:e6:51:a3:56:cb:b0:7f:05:ff:74:57:ff:7a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc

advapi32

RegOpenKeyExW

comctl32

ord13
ord15
PropertySheet
CreateToolbarEx
ImageList_DragMove
ImageList_Merge
ImageList_LoadImageW
ImageList_GetDragImage
ImageList_Copy
ImageList_SetOverlayImage
ImageList_Write
ord16
CreateStatusWindowW
CreatePropertySheetPageW
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_Remove
ImageList_DragLeave
ord7
ImageList_Read
ord5
ImageList_ReplaceIcon
FlatSB_SetScrollInfo
InitMUILanguage
ImageList_SetDragCursorImage
FlatSB_EnableScrollBar
FlatSB_SetScrollProp
ImageList_SetFilter
ImageList_Duplicate
ord17
FlatSB_ShowScrollBar
ImageList_SetBkColor
InitCommonControlsEx
FlatSB_GetScrollPos
CreateStatusWindow
ImageList_LoadImageA
DestroyPropertySheetPage
DrawStatusTextW
FlatSB_GetScrollProp
ord8
ImageList_Draw
ImageList_BeginDrag
ImageList_Add
FlatSB_SetScrollRange
ImageList_AddIcon
ImageList_Create
InitializeFlatSB
_TrackMouseEvent
ImageList_EndDrag
ImageList_GetIconSize
ImageList_SetImageCount
ord2
ImageList_Replace

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textMM3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textMM9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textM10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textM11
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textM12
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f35cc01b7d289ed94070fed4042cb33d

Code Sign

4c:35:75:3f:cf:2a:de:ad:46:0c:1f:dd:50:bf:2e:14Certificate

Extended Key Usages

c2:79:cb:98:a2:25:db:e6:51:a3:56:cb:b0:7f:05:ff:74:57:ff:7aSigner

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.text11 Size: 273KB - Virtual size: 273KB

.text12 Size: 1024B - Virtual size: 912B

.textMM3 Size: 512B - Virtual size: 500B

.textMM4 Size: 512B - Virtual size: 500B

.textMM1 Size: 512B - Virtual size: 500B

.textMM5 Size: 512B - Virtual size: 500B

.textMM6 Size: 512B - Virtual size: 500B

.textMM7 Size: 512B - Virtual size: 500B

.textMM8 Size: 512B - Virtual size: 500B

.textMM9 Size: 512B - Virtual size: 500B

.textM10 Size: 512B - Virtual size: 500B

.textM11 Size: 512B - Virtual size: 500B

.textM12 Size: 512B - Virtual size: 500B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 500B

4c:35:75:3f:cf:2a:de:ad:46:0c:1f:dd:50:bf:2e:14
Certificate

c2:79:cb:98:a2:25:db:e6:51:a3:56:cb:b0:7f:05:ff:74:57:ff:7a
Signer

.text
Size: 3KB - Virtual size: 2KB

.text11
Size: 273KB - Virtual size: 273KB

.text12
Size: 1024B - Virtual size: 912B

.textMM3
Size: 512B - Virtual size: 500B

.textMM4
Size: 512B - Virtual size: 500B

.textMM1
Size: 512B - Virtual size: 500B

.textMM5
Size: 512B - Virtual size: 500B

.textMM6
Size: 512B - Virtual size: 500B

.textMM7
Size: 512B - Virtual size: 500B

.textMM8
Size: 512B - Virtual size: 500B

.textMM9
Size: 512B - Virtual size: 500B

.textM10
Size: 512B - Virtual size: 500B

.textM11
Size: 512B - Virtual size: 500B

.textM12
Size: 512B - Virtual size: 500B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 500B