b69a3792f537552bd8488a8c56838621_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b69a3792f537552bd8488a8c56838621_JaffaCakes118
Size

291KB
MD5

b69a3792f537552bd8488a8c56838621
SHA1

05409874064b5f4ec637022e3c5751fc4c34759e
SHA256

4ff2662ee7a4f4083eee27283ea61b0201e7211e69fcf50d7bf4d6adf7789682
SHA512

72c6678c1824f7288f03ab5c8df4270d780a99bae050ee6623580cb70e4ab4e95e3ca71dc829522ae7b04a86f64c2b7431bd79637b4ae97dfdd2ad6ad5a1a4c7
SSDEEP

6144:qFTb6MIvDpB7wY4n74fHyjZRVkclpy7u/qbWhpdDKEw:qQTvVZu7WoZRVNcu/qqhpc9

Score

1^/10

Malware Config

Signatures

Files

b69a3792f537552bd8488a8c56838621_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b67ddf98e9f526f61c9b48993f35f42

Code Sign

04:b4:64:7f:58:6c:a9:50:b2:7d:28:e6:d5:01:dc:6e
Certificate

Issuer

CN=SyvZ

Not Before

24/05/2012, 05:06

Not After

31/12/2039, 23:59

Subject

CN=SyvZ

Extended Key Usages

ExtKeyUsageCodeSigning

31:0b:33:8f:83:d3:e5:e2:d4:b1:57:84:a8:54:ed:78:6f:9a:63:cb
Signer

Actual PE Digest

31:0b:33:8f:83:d3:e5:e2:d4:b1:57:84:a8:54:ed:78:6f:9a:63:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
CloseHandle
VirtualAllocEx
WriteFile
GetModuleHandleW
GetProcAddress

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
InvalidateRect
BeginPaint
ScrollWindow
wsprintfA
ValidateRect
EndPaint
PostQuitMessage
DefWindowProcA

gdi32

GetStockObject
SelectObject
GetTextMetricsA
SetBkMode
TextOutA

advapi32

RegCloseKey

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b67ddf98e9f526f61c9b48993f35f42

Code Sign

04:b4:64:7f:58:6c:a9:50:b2:7d:28:e6:d5:01:dc:6eCertificate

Extended Key Usages

31:0b:33:8f:83:d3:e5:e2:d4:b1:57:84:a8:54:ed:78:6f:9a:63:cbSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 384B

04:b4:64:7f:58:6c:a9:50:b2:7d:28:e6:d5:01:dc:6e
Certificate

31:0b:33:8f:83:d3:e5:e2:d4:b1:57:84:a8:54:ed:78:6f:9a:63:cb
Signer

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 384B