e0b0c6054f121917ab07759be39d551a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0b0c6054f121917ab07759be39d551a_JaffaCakes118
Size

200KB
MD5

e0b0c6054f121917ab07759be39d551a
SHA1

88f3e232f7df5e57a9604dd7fc3ccde80c4262f1
SHA256

fd7d317f14a27d798a35e09f71711ee5da0fdbb9c4cd8548124893b21a280e72
SHA512

8e8577984b4936ba9b6a6f3bd146e733eefa19dfd2ce3c955e158b2f58190fd9dec2f8131f23cb9feedf50cae0eb45fcba7c1f6fc5810d29a0084a24cfacde4a
SSDEEP

1536:AeDhZzzNmqzKiuYWGpwJd2mlqKu8E8uhOD0avbHUt9o8eFpqa4JJyYWZFnPH70BP:AeDhxx3JZud2/lZUdDUtah4aYM2gDc1H

Score

1^/10

Malware Config

Signatures

Files

e0b0c6054f121917ab07759be39d551a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fb026361c37300c85c0c4f8978f5224d

Code Sign

09:a5:73:40:9a:23:a1:45:a7:ef:6b:d8:b3:15:5e
Certificate

Issuer

CN=lwcutuyvjqtdjpbsdofqtllvykujddlyplgxpmizmsmxwbeukbybqbtdmnpdtypshupassdidvmybwgeflcwiujhijdykcicizehxducxkmkuslrhyjkvsmzocgsrebyhifinfgpgiizhbmgfzlrqqwzbeuvnozdtmaifaeaoqawffwtnkhaqcbcsgxhgkuqdjdabrwtdrusqerengandnffgivprrykvefqovhdfcywbvrmpvwrwabditzszbolajczqccnxvybiugrxuenvocunbxgtcityssjpuoieblrtjmvpzppqvkbhbjiyaqlpggqeypayigmavczspuceityzxfmyxpoahzelovbchhyecnhdepotiolyzmwprxfcljwyflyictyvxsvsicgcyxoiaigcwwqppzeqjkfibvxuukvfelwkyoifyetbxpyfxpbvhglosywkazlhzaodywwqalembrjnudzhyffnatgkskyljge

Not Before

23/07/2012, 01:31

Not After

31/12/2039, 23:59

Subject

CN=lwcutuyvjqtdjpbsdofqtllvykujddlyplgxpmizmsmxwbeukbybqbtdmnpdtypshupassdidvmybwgeflcwiujhijdykcicizehxducxkmkuslrhyjkvsmzocgsrebyhifinfgpgiizhbmgfzlrqqwzbeuvnozdtmaifaeaoqawffwtnkhaqcbcsgxhgkuqdjdabrwtdrusqerengandnffgivprrykvefqovhdfcywbvrmpvwrwabditzszbolajczqccnxvybiugrxuenvocunbxgtcityssjpuoieblrtjmvpzppqvkbhbjiyaqlpggqeypayigmavczspuceityzxfmyxpoahzelovbchhyecnhdepotiolyzmwprxfcljwyflyictyvxsvsicgcyxoiaigcwwqppzeqjkfibvxuukvfelwkyoifyetbxpyfxpbvhglosywkazlhzaodywwqalembrjnudzhyffnatgkskyljge

Extended Key Usages

ExtKeyUsageCodeSigning

ca:00:d2:49:80:3f:5b:61:0b:a0:7b:5e:2c:a0:6d:da:41:0c:c0:29
Signer

Actual PE Digest

ca:00:d2:49:80:3f:5b:61:0b:a0:7b:5e:2c:a0:6d:da:41:0c:c0:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
lstrcatA
CloseHandle
VirtualAlloc
CreateFileA

user32

EndPaint
BeginPaint
PostQuitMessage
DefWindowProcA
LoadIconA

gdi32

StartDocW
SetWorldTransform
SetTextColor
TranslateCharsetInfo
UnrealizeObject
GetGlyphOutlineWow
XLATEOBJ_piVector
XFORMOBJ_iGetXform
UpdateICMRegKeyW
AngleArc
BitBlt
CancelDC
CreateDIBSection
CreateDIBitmap
CreateEllipticRgnIndirect
CreateFontIndirectExW
CreateICW
CreatePatternBrush
CreateSolidBrush
Ellipse
EngDeletePath
EngEraseSurface
EngFillPath
EngFindResource
EngGradientFill
EngReleaseSemaphore
EnumICMProfilesA
EnumMetaFile
EqualRgn
Escape
ExcludeClipRect
ExtEscape
FONTOBJ_pvTrueTypeFontFile
FixBrushOrgEx
FontIsLinked
GdiAddFontResourceW
GdiComment
GdiConsoleTextOut
GdiConvertPalette
GdiConvertToDevmodeW
GdiDllInitialize
GdiEntry11
GdiEntry7
GdiFixUpHandle
GdiFullscreenControl
GdiGetCharDimensions
GdiGetSpoolFileHandle
GdiPlayPageEMF
GdiReleaseLocalDC
GdiSwapBuffers
GdiValidateHandle
GetBitmapBits
GetBkColor
GetCharABCWidthsI
GetCharacterPlacementW
GetColorAdjustment
GetDCOrgEx
GetDIBits
SetTextCharacterExtra
GetMetaFileA
GetMetaFileBitsEx
GetObjectA
GetOutlineTextMetricsW
GetPolyFillMode
GetStringBitmapA
GetStringBitmapW
GetTextCharacterExtra
GetTextCharset
GetTextCharsetInfo
GetWorldTransform
ModifyWorldTransform
PATHOBJ_vEnumStart
PATHOBJ_vEnumStartClipLines
PaintRgn
Pie
PlayEnhMetaFileRecord
PolyBezier
PolyDraw
PolyTextOutW
Polyline
PtVisible
RemoveFontResourceExW
RemoveFontResourceW
ResizePalette
STROBJ_vEnumStart
SetBitmapBits
SetBkColor
SetBoundsRect
SetColorSpace
SetDIBits
SetDIBitsToDevice
SetFontEnumeration
SetGraphicsMode
SetICMProfileA
SetICMProfileW
SetLayout
SetPixel
SetPolyFillMode
SetRectRgn
UpdateColors

advapi32

RegOpenKeyExW

msvcrt

_cexit
_fdopen
_strdup
_timezone
atexit
setlocale

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb026361c37300c85c0c4f8978f5224d

Code Sign

09:a5:73:40:9a:23:a1:45:a7:ef:6b:d8:b3:15:5eCertificate

Extended Key Usages

ca:00:d2:49:80:3f:5b:61:0b:a0:7b:5e:2c:a0:6d:da:41:0c:c0:29Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 5KB

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

09:a5:73:40:9a:23:a1:45:a7:ef:6b:d8:b3:15:5e
Certificate

ca:00:d2:49:80:3f:5b:61:0b:a0:7b:5e:2c:a0:6d:da:41:0c:c0:29
Signer

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 5KB

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB