d08f035183650cacc46fe902b799dfd9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d08f035183650cacc46fe902b799dfd9_JaffaCakes118
Size

21.2MB
MD5

d08f035183650cacc46fe902b799dfd9
SHA1

7204ebf57988e787885cadc05af5b1b72820aeab
SHA256

0a724364356003eb66d6bead7f34626375f1b43da83804ba95583958dfb30168
SHA512

f152ba68a1a4bbfdba0d3b72ffeeb669526003cfea35b6498dec266c85b445b009150e0c6c34e9f97ff44829a24f31bc4543f94ff5e2d37561f20466000dfdaa
SSDEEP

3072:BZugi6UlIFRrvpyx+GCef8Ftzle1qaJuoZHSk6/lLMM8zeDj5qHjx6idXGHTU:XugEC1pyB71tjHr6tgfKw6ioA

Score

1^/10

Malware Config

Signatures

Files

d08f035183650cacc46fe902b799dfd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6ce3e737552eb32d6c18547cd7cea53

Code Sign

0f:05:05:ae:8b:e9:b8:bd:4e:fc:a0:60:c8:94:3d:2a
Certificate

Issuer

CN=1,1.2.840.113549.1.9.1=#130131,0.0=#130131

Not Before

31/12/2007, 16:00

Not After

31/12/2107, 16:00

Subject

CN=1,1.2.840.113549.1.9.1=#130131,0.0=#130131

0b:ef:9a:a1:d9:f2:99:3e:a4:af:9c:5e:8a:cc:6c:e2:dd:50:8c:8a
Signer

Actual PE Digest

0b:ef:9a:a1:d9:f2:99:3e:a4:af:9c:5e:8a:cc:6c:e2:dd:50:8c:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
CreateFileA
RtlUnwind
HeapFree
ExitProcess

user32

CreateWindowExA
SetWindowLongA
CloseWindow
wsprintfA

advapi32

RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegEnumValueA

ole32

CoCreateInstanceEx
CoCreateInstance
CoInitialize
CoInitializeEx

Sections

CODE
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rc!
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jttk
Size: 21.0MB - Virtual size: 21.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6ce3e737552eb32d6c18547cd7cea53

Code Sign

0f:05:05:ae:8b:e9:b8:bd:4e:fc:a0:60:c8:94:3d:2aCertificate

0b:ef:9a:a1:d9:f2:99:3e:a4:af:9c:5e:8a:cc:6c:e2:dd:50:8c:8aSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

CODE Size: 10KB - Virtual size: 18KB

.data Size: 85KB - Virtual size: 166KB

.!rc! Size: 1024B - Virtual size: 1KB

.idata2 Size: 1024B - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.vmp0 Size: 12KB - Virtual size: 13KB

.adata Size: 68KB - Virtual size: 114KB

.jttk Size: 21.0MB - Virtual size: 21.0MB

0f:05:05:ae:8b:e9:b8:bd:4e:fc:a0:60:c8:94:3d:2a
Certificate

0b:ef:9a:a1:d9:f2:99:3e:a4:af:9c:5e:8a:cc:6c:e2:dd:50:8c:8a
Signer

CODE
Size: 10KB - Virtual size: 18KB

.data
Size: 85KB - Virtual size: 166KB

.!rc!
Size: 1024B - Virtual size: 1KB

.idata2
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB

.vmp0
Size: 12KB - Virtual size: 13KB

.adata
Size: 68KB - Virtual size: 114KB

.jttk
Size: 21.0MB - Virtual size: 21.0MB