d6f22fd417f5c02c6634ce0d9e2fd43a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d6f22fd417f5c02c6634ce0d9e2fd43a_JaffaCakes118
Size

172KB
MD5

d6f22fd417f5c02c6634ce0d9e2fd43a
SHA1

716e312531f823c84eb08c53d12aab3c95affc0b
SHA256

6d54982c97b896f0ca38436e0f2175baec551047f81b6dd8e53538aed9e7a75a
SHA512

3c9f2ac30b209805c199973c127bb954904adb08f97b2669460725c77cd0081ff5ba24aa6eadaad835abd97566a8abaab0834e3a4b1b95f0a56ff50b9b8f699d
SSDEEP

3072:vpXwgyLX7/+b2GehVdR1o6kmf3vqyW3W74XUKMes:qlbT+SGSl9VfqyMWcUKW

Score

1^/10

Malware Config

Signatures

Files

d6f22fd417f5c02c6634ce0d9e2fd43a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

Issuer

CN=5U84

Not Before

01/06/2012, 08:28

Not After

31/12/2039, 23:59

Subject

CN=5U84

Extended Key Usages

ExtKeyUsageCodeSigning

d8:73:81:5b:19:bd:17:a7:61:75:c5:4d:84:df:0c:b1:c2:9e:78:e8
Signer

Actual PE Digest

d8:73:81:5b:19:bd:17:a7:61:75:c5:4d:84:df:0c:b1:c2:9e:78:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
CloseHandle
GetModuleHandleW
GetProcAddress

user32

GetDC
ReleaseDC
InvalidateRect
BeginPaint
ScrollWindow
EndPaint
PostQuitMessage
DefWindowProcA

gdi32

GetStockObject
SelectObject
GetTextMetricsA
SetBkMode
TextOutA

advapi32

RegCloseKey

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2e565197e385c9d09ba010f53d1f5ca

Code Sign

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1Certificate

Extended Key Usages

d8:73:81:5b:19:bd:17:a7:61:75:c5:4d:84:df:0c:b1:c2:9e:78:e8Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 53KB - Virtual size: 53KB

.data Size: 109KB - Virtual size: 109KB

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 280B

6e:d2:ef:44:b4:9e:4c:8f:4d:a7:c7:9f:37:b4:d7:a1
Certificate

d8:73:81:5b:19:bd:17:a7:61:75:c5:4d:84:df:0c:b1:c2:9e:78:e8
Signer

.text
Size: 53KB - Virtual size: 53KB

.data
Size: 109KB - Virtual size: 109KB

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 280B