d433784cd8455419d27f77732a0751e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d433784cd8455419d27f77732a0751e7_JaffaCakes118
Size

353KB
MD5

d433784cd8455419d27f77732a0751e7
SHA1

ba639d36e128ead1f51891cce2ee3b7b06a75eb3
SHA256

47f9c21865fd5e47a0badffbd0fa2e3bbf4a86cb418c5af399000269f461fc79
SHA512

0c6a5d0654b8fdd3b22ddd51951e74405a69ce7bfd167a4cde149bab91a384118f38a6a5edbe58ac6f4e814e188eb5f9c562157062fc02d32968e1c9bd22ca39
SSDEEP

6144:TMzQ9Sxr2I6jcZNp0H8vIz3YX5Sze2wpchpkUJ1HnBh4kHIh:FS/6jcQTKk9h1HnAh

Score

1^/10

Malware Config

Signatures

Files

d433784cd8455419d27f77732a0751e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

091bc82ee02ffd000d6a7d192bebd414

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

Issuer

CN=fbDs

Not Before

19/06/2012, 05:12

Not After

31/12/2039, 23:59

Subject

CN=fbDs

Extended Key Usages

ExtKeyUsageCodeSigning

ac:0e:8c:52:de:0a:37:c6:fb:73:9d:b6:a6:24:7e:a3:da:62:05:fd
Signer

Actual PE Digest

ac:0e:8c:52:de:0a:37:c6:fb:73:9d:b6:a6:24:7e:a3:da:62:05:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
LoadLibraryA
GetCommandLineA
CloseHandle
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
GetModuleHandleA
GetProcAddress

user32

LoadIconA
LoadCursorA

advapi32

RegCloseKey
RegOpenKeyW

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

091bc82ee02ffd000d6a7d192bebd414

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38Certificate

Extended Key Usages

ac:0e:8c:52:de:0a:37:c6:fb:73:9d:b6:a6:24:7e:a3:da:62:05:fdSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 303KB - Virtual size: 302KB

.data13 Size: 512B - Virtual size: 100B

.data12 Size: 512B - Virtual size: 100B

.data11 Size: 512B - Virtual size: 100B

.data10 Size: 512B - Virtual size: 100B

.data9 Size: 512B - Virtual size: 100B

.data8 Size: 512B - Virtual size: 100B

.data7 Size: 512B - Virtual size: 100B

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 212B

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

ac:0e:8c:52:de:0a:37:c6:fb:73:9d:b6:a6:24:7e:a3:da:62:05:fd
Signer

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 303KB - Virtual size: 302KB

.data13
Size: 512B - Virtual size: 100B

.data12
Size: 512B - Virtual size: 100B

.data11
Size: 512B - Virtual size: 100B

.data10
Size: 512B - Virtual size: 100B

.data9
Size: 512B - Virtual size: 100B

.data8
Size: 512B - Virtual size: 100B

.data7
Size: 512B - Virtual size: 100B

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 212B