b2fbee4f059f8cfd6497a8208be5f836_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2fbee4f059f8cfd6497a8208be5f836_JaffaCakes118
Size

373KB
MD5

b2fbee4f059f8cfd6497a8208be5f836
SHA1

37f7728e13cd0d88b17dba1ff78d89c3f337514b
SHA256

a4ebed1be9aa4ac92aa0176aa8e7fc6cfe018378031e78ce9f82ab67b2fd51c5
SHA512

e253ebd47c335fc1c579ae2d8a349b13895772c26d5edd2d85e9fde1441a00837fd21b6a0833b2408130ba37ed262d9db44353392204ab379b5c9b4e91b00894
SSDEEP

6144:lAXnw5hWD3cPkLCWp+kxLaazQ/rJ6aQ/URDERT2ElYRktprr5Gk:lAg5hg3cPkLXp+k5bzQ/V6a/t4eurEk

Score

1^/10

Malware Config

Signatures

Files

b2fbee4f059f8cfd6497a8208be5f836_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ddd94444ea7156217169d9ad049369b

Code Sign

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1
Certificate

Issuer

CN=C ibxlOWhvBPucEKWJoPYJUQsGsxSxaLOWjWWaFYYuzPQdfa piYxwiGBsyDSPrfFqjrZlSNBjVzLbCsydDyaHOceGalZOIUUoGXBqsgELoNDTpTLAjHRcXJpSdtybpBCopNakGDXToNqZ slfSbHJ

Not Before

04/07/2012, 07:44

Not After

31/12/2039, 23:59

Subject

CN=C ibxlOWhvBPucEKWJoPYJUQsGsxSxaLOWjWWaFYYuzPQdfa piYxwiGBsyDSPrfFqjrZlSNBjVzLbCsydDyaHOceGalZOIUUoGXBqsgELoNDTpTLAjHRcXJpSdtybpBCopNakGDXToNqZ slfSbHJ

Extended Key Usages

ExtKeyUsageCodeSigning

6b:8d:26:03:83:7d:b2:ce:8c:e1:7a:ec:c3:42:0f:05:76:a5:79:97
Signer

Actual PE Digest

6b:8d:26:03:83:7d:b2:ce:8c:e1:7a:ec:c3:42:0f:05:76:a5:79:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
LoadLibraryA
GetProcAddress
VirtualAllocEx
CloseHandle

advapi32

RegCloseKey

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ddd94444ea7156217169d9ad049369b

Code Sign

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1Certificate

Extended Key Usages

6b:8d:26:03:83:7d:b2:ce:8c:e1:7a:ec:c3:42:0f:05:76:a5:79:97Signer

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 512B - Virtual size: 816B

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 313KB - Virtual size: 313KB

.reloc Size: 512B - Virtual size: 220B

0b:3e:cc:a8:1f:85:19:a0:44:07:78:d6:a3:44:1a:f1
Certificate

6b:8d:26:03:83:7d:b2:ce:8c:e1:7a:ec:c3:42:0f:05:76:a5:79:97
Signer

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 512B - Virtual size: 816B

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 313KB - Virtual size: 313KB

.reloc
Size: 512B - Virtual size: 220B