c97d6e140e5c5c318e6d2351da3ceb4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c97d6e140e5c5c318e6d2351da3ceb4d_JaffaCakes118
Size

361KB
MD5

c97d6e140e5c5c318e6d2351da3ceb4d
SHA1

7d0f5961692ad7cb72162084906c48bb99321343
SHA256

5ea6d245de7759dee29fdcf80a0015605c329fdae8bca0cc7be7656bc3667d9b
SHA512

012c65c5386075185b24133252b0117a1513627253573858d3121ce0fe6ae88b087cfaae6be8b39740c82605d7b9cb24dff2d4a85abf57f3633611c53b064006
SSDEEP

6144:xoJUnrom8WcIC/b76r+wMXv2GqGfU2qTCDF6oI2+0dEfVRPL9hTV:xInTu+kGs2qaNI0dORT9hp

Score

1^/10

Malware Config

Signatures

Files

c97d6e140e5c5c318e6d2351da3ceb4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5343039bb297b649d3d7398fbb715b2

Code Sign

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25
Certificate

Issuer

CN=5JCU

Not Before

08/06/2012, 08:28

Not After

31/12/2039, 23:59

Subject

CN=5JCU

Extended Key Usages

ExtKeyUsageCodeSigning

11:21:b4:6f:6f:8e:38:f7:11:41:09:9e:88:c8:21:a3:a8:37:f1:38
Signer

Actual PE Digest

11:21:b4:6f:6f:8e:38:f7:11:41:09:9e:88:c8:21:a3:a8:37:f1:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
CloseHandle
VirtualAllocEx

gdi32

GetStockObject

advapi32

RegCloseKey

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5343039bb297b649d3d7398fbb715b2

Code Sign

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25Certificate

Extended Key Usages

11:21:b4:6f:6f:8e:38:f7:11:41:09:9e:88:c8:21:a3:a8:37:f1:38Signer

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 315KB - Virtual size: 315KB

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 192B

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25
Certificate

11:21:b4:6f:6f:8e:38:f7:11:41:09:9e:88:c8:21:a3:a8:37:f1:38
Signer

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 315KB - Virtual size: 315KB

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 192B