004b20e782c8f948b0a51da40ff6ccb0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

004b20e782c8f948b0a51da40ff6ccb0_JaffaCakes118
Size

199KB
MD5

004b20e782c8f948b0a51da40ff6ccb0
SHA1

8b6601be92b1f0dc2605f3e69b53c95260cbbc94
SHA256

1a9548c6fb85af9485422a214f0507491bafb0dfe773667c36f60ec15d8686bf
SHA512

f20f357fe142a6644cc6f53fc36b2e17ee0fb1e8fa5d24f71edd11b30f40248833d63305959cf18cc19c88a2a2bac257ca84457c9262f556944d6b1418ce6179
SSDEEP

3072:gaaRZAquViVMgq+x+9zKfgTjVJ/yh4WXBxD7QUnN/dNvnrOQxJy4tJsxRKRckR0A:ZMn8zxyh5LQUNnOQxE4t+K3RP

Score

1^/10

Malware Config

Signatures

Files

004b20e782c8f948b0a51da40ff6ccb0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d672d057cf8d83ac2cf82c936dfce131

Code Sign

64:28:9d:ee:a9:f3:40:58:b1:23:ac:05:db:64:cb:1d
Certificate

Issuer

CN=DljJ

Not Before

14-05-2012 16:32

Not After

31-12-2039 23:59

Subject

CN=DljJ

Extended Key Usages

ExtKeyUsageCodeSigning

10:23:55:1f:fa:67:3c:43:63:77:79:0f:07:56:ec:74:cc:1b:9c:99
Signer

Actual PE Digest

10:23:55:1f:fa:67:3c:43:63:77:79:0f:07:56:ec:74:cc:1b:9c:99

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualAllocEx
TerminateProcess
RtlUnwind
GetModuleHandleW
GetProcAddress
IsDebuggerPresent

user32

LoadIconA
LoadCursorA

gdi32

GetStockObject

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegOpenKeyExA

shell32

SHChangeNotify
SHAddToRecentDocs

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

shlwapi

PathFindFileNameW
PathAppendW
PathGetDriveNumberW
PathIsUNCW
PathRemoveFileSpecW
PathUnquoteSpacesW
PathGetArgsW
PathFileExistsW
StrToIntW

imm32

ImmDisableIME

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d672d057cf8d83ac2cf82c936dfce131

Code Sign

64:28:9d:ee:a9:f3:40:58:b1:23:ac:05:db:64:cb:1dCertificate

Extended Key Usages

10:23:55:1f:fa:67:3c:43:63:77:79:0f:07:56:ec:74:cc:1b:9c:99Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

imm32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 184KB - Virtual size: 184KB

.data2 Size: 512B - Virtual size: 4B

.CRT Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 976B

64:28:9d:ee:a9:f3:40:58:b1:23:ac:05:db:64:cb:1d
Certificate

10:23:55:1f:fa:67:3c:43:63:77:79:0f:07:56:ec:74:cc:1b:9c:99
Signer

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 184KB - Virtual size: 184KB

.data2
Size: 512B - Virtual size: 4B

.CRT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 976B