b2ef579ef63c528cd090b635db452618_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2ef579ef63c528cd090b635db452618_JaffaCakes118
Size

19KB
MD5

b2ef579ef63c528cd090b635db452618
SHA1

11ab84e67030e90bda42287e92dc5a945439243e
SHA256

e614fa7596f364651e1f53b634551cdfa1344b8882aa9d4c488e418952d7ba09
SHA512

513ad45944824de91216a3aa107edf0f8c89cb3f65d6357285991e8a875d1681c19e76785b0308422ba70b842378f6f11d9f17d5034c8730a5655b6beb19c062
SSDEEP

384:4BiU0brcamAGCyvKrzpGbgWrh+G3rfvUuS7sN83dZ:Mi5akdU3rhP3LlSYN83b

Score

1^/10

Malware Config

Signatures

Files

b2ef579ef63c528cd090b635db452618_JaffaCakes118
.exe windows:1 windows x86 arch:x86

db000b70dd3af10911343faf576fbd4a

Code Sign

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:dd
Certificate

Issuer

CN=Root Agency

Not Before

03/03/2010, 03:52

Not After

31/12/2039, 23:59

Subject

CN=soft,OU=WWW.CeleWare.NET,O=CeleWare.NET,1.2.840.113549.1.9.1=#0c10736f667440686f746d61696c2e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
DeleteFileA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
GetCommandLineA
GetFileAttributesA
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GlobalAlloc
GlobalFree
MoveFileA
MoveFileExA
RtlMoveMemory
SetFileTime
WaitForSingleObject
WinExec
WriteFile
lstrcatA

user32

CreateDesktopA
EnumWindows
FindWindowA
GetMessageA
MessageBoxA
PostQuitMessage

advapi32

RegOpenKeyA

Sections

.data
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db000b70dd3af10911343faf576fbd4a

Code Sign

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:ddCertificate

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.data Size: 512B - Virtual size: 90B

.text Size: 3KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

6c:0e:ab:48:35:95:57:7a:b8:b5:54:be:d9:b9:5e:dd
Certificate

.data
Size: 512B - Virtual size: 90B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB