000b28e7a5905b5bf3b80c6c60a5f828_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

000b28e7a5905b5bf3b80c6c60a5f828_JaffaCakes118
Size

320KB
MD5

000b28e7a5905b5bf3b80c6c60a5f828
SHA1

6c5a20303129586dac9d2d72a97735bc904e488b
SHA256

8eaf278d427baaeef159264a13d857e56adb9eaa459e538b6018e10a94322949
SHA512

06ba2c3c45d39b4d94d1119d88f8a10b1b9ebbc12cf8b2d5b4c0b8729b73bfbe1ce2ac9aa9a42d9e76f66c03aa40733ed14af3a90c6599aa0b8bb45c71b55c0a
SSDEEP

6144:hXB+l+t7LL/rbZNgmHvO5aJpMWnXmGefYXeAm3qfwwYC:2lALxNgMqmqW2JA9fYC

Score

1^/10

Malware Config

Signatures

Files

000b28e7a5905b5bf3b80c6c60a5f828_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

Issuer

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Not Before

23-01-2013 18:13

Not After

31-12-2039 23:59

Subject

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Extended Key Usages

ExtKeyUsageCodeSigning

9a:a8:65:c9:f9:26:5d:03:20:0a:58:5b:af:cc:23:0c:65:79:05:ae
Signer

Actual PE Digest

9a:a8:65:c9:f9:26:5d:03:20:0a:58:5b:af:cc:23:0c:65:79:05:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryExA

user32

PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
GetClientRect

gdi32

DeleteEnhMetaFile
CloseEnhMetaFile
LineTo
CreateEnhMetaFileA
Rectangle
MoveToEx
PlayEnhMetaFile

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6Certificate

Extended Key Usages

9a:a8:65:c9:f9:26:5d:03:20:0a:58:5b:af:cc:23:0c:65:79:05:aeSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 309KB - Virtual size: 309KB

.data Size: 1KB - Virtual size: 1KB

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

9a:a8:65:c9:f9:26:5d:03:20:0a:58:5b:af:cc:23:0c:65:79:05:ae
Signer

.text
Size: 309KB - Virtual size: 309KB

.data
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB