b3917417552a94a6012d166ee70dda69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3917417552a94a6012d166ee70dda69_JaffaCakes118
Size

295KB
MD5

b3917417552a94a6012d166ee70dda69
SHA1

961a707e928b1aed3dc9abd0b9691149cfd4a134
SHA256

0ccdb339ffd8f0042eae5ba09f8707a1d05aea1fb919a22b4426d0c9dab6652f
SHA512

73c6e138ad9061eedc5eb8172395da7f0bf6ab6a0dd8d87bdbec7a96f9d4c4e8a664667f6223b0144067102a358e38c3ce2e3ea44094cb0f7aafac59bc40c8b0
SSDEEP

6144:NiGtsLeAlqNC+c+1PTG/qm/PgCnmUSFMhl4b+M/oI29TKY:gGtsLlt+B1PTEn/iUSFM8b+rI2OY

Score

1^/10

Malware Config

Signatures

Files

b3917417552a94a6012d166ee70dda69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

Issuer

CN=5U84

Not Before

01/06/2012, 08:28

Not After

31/12/2039, 23:59

Subject

CN=5U84

Extended Key Usages

ExtKeyUsageCodeSigning

1d:4b:a3:24:d9:7d:e3:f8:2b:68:ab:64:f5:d6:7f:8c:b7:36:e2:8d
Signer

Actual PE Digest

1d:4b:a3:24:d9:7d:e3:f8:2b:68:ab:64:f5:d6:7f:8c:b7:36:e2:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
CloseHandle
GetModuleHandleW
GetProcAddress

user32

GetDC
ReleaseDC
InvalidateRect
BeginPaint
ScrollWindow
EndPaint
PostQuitMessage
DefWindowProcA

gdi32

GetStockObject
SelectObject
GetTextMetricsA
SetBkMode
TextOutA

advapi32

RegCloseKey

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1Certificate

Extended Key Usages

1d:4b:a3:24:d9:7d:e3:f8:2b:68:ab:64:f5:d6:7f:8c:b7:36:e2:8dSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 266KB - Virtual size: 266KB

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 280B

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

1d:4b:a3:24:d9:7d:e3:f8:2b:68:ab:64:f5:d6:7f:8c:b7:36:e2:8d
Signer

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 266KB - Virtual size: 266KB

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 280B