b5b5fdf71ddf9225060cd8c57f96284e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5b5fdf71ddf9225060cd8c57f96284e_JaffaCakes118
Size

138KB
MD5

b5b5fdf71ddf9225060cd8c57f96284e
SHA1

fc8bdc727fb3a74f0657a4bb768a698801ca6169
SHA256

ad1ebac80caa9ea97bb74c7fa99bb4e52d011580db9bf0dadfff46a25a7b961d
SHA512

939a237e3b9fe07a4b45f72ff8813d35c2c7169f871d018bd62eb5fbe812c9bbc965da8f5d498d98decf2e2b8494f1637ff5d3cbfa7e7fb8fce0b09a4ec026da
SSDEEP

3072:QWPAV/PYj7csPtYcJu8jSzTKB1PQr0i1SCPloBP3aNsM2:QgA/PUF1CnzQtROPliP3aK

Score

1^/10

Malware Config

Signatures

Files

b5b5fdf71ddf9225060cd8c57f96284e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7e62333301cd02549753b9c93204faf8

Code Sign

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2
Certificate

Issuer

CN=Application Compatibility UI

Not Before

31/12/2008, 16:00

Not After

31/12/2014, 16:00

Subject

CN=Application Compatibility UI

Extended Key Usages

ExtKeyUsageCodeSigning

6d:1d:8c:2d:25:94:8f:71:1f:a9:8b:51:4d:aa:fc:7e:72:d4:f6:7b
Signer

Actual PE Digest

6d:1d:8c:2d:25:94:8f:71:1f:a9:8b:51:4d:aa:fc:7e:72:d4:f6:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

SetPixel

wsock32

WSACleanup

wininet

InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

-
Size: - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

<
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

$
Size: - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

@
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e62333301cd02549753b9c93204faf8

Code Sign

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2Certificate

Extended Key Usages

6d:1d:8c:2d:25:94:8f:71:1f:a9:8b:51:4d:aa:fc:7e:72:d4:f6:7bSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

wsock32

wininet

Exports

Exports

Sections

- Size: - Virtual size: 143KB

+ Size: - Virtual size: 3KB

8 Size: - Virtual size: 6KB

< Size: - Virtual size: 3KB

$ Size: - Virtual size: 209B

8 Size: - Virtual size: 10KB

= Size: 512B - Virtual size: 4KB

/ Size: - Virtual size: 23KB

@ Size: 135KB - Virtual size: 134KB

6 Size: 512B - Virtual size: 176B

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2
Certificate

6d:1d:8c:2d:25:94:8f:71:1f:a9:8b:51:4d:aa:fc:7e:72:d4:f6:7b
Signer

-
Size: - Virtual size: 143KB

+
Size: - Virtual size: 3KB

8
Size: - Virtual size: 6KB

<
Size: - Virtual size: 3KB

$
Size: - Virtual size: 209B

8
Size: - Virtual size: 10KB

=
Size: 512B - Virtual size: 4KB

/
Size: - Virtual size: 23KB

@
Size: 135KB - Virtual size: 134KB

6
Size: 512B - Virtual size: 176B