0b370c2c9b2f33c325567ade069fdb5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b370c2c9b2f33c325567ade069fdb5c_JaffaCakes118
Size

17KB
MD5

0b370c2c9b2f33c325567ade069fdb5c
SHA1

21a1c53ef467c2f6f35eed716eb2f2aac1430660
SHA256

b3582f159d7c441250da62e3764812dbbde54c04da1a11bc26ee5ff3e63d6ba3
SHA512

ee064dad9f46dbeccd0c7f332af82af4819d2ef54774fa22f3c71da87c2309d60e2b18c5e427eff2a06ccba109709cbb153c9679013f06a3e3c5f256470c5e23
SSDEEP

384:4QCMLZ8t9xjQrkyzZjbxK5xshh4WWieZWtlm:4Qb81yzvwmhhder

Score

1^/10

Malware Config

Signatures

Files

0b370c2c9b2f33c325567ade069fdb5c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d62affe3892bcebd51d91ebad16c648f

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

2b:df:69:2e:67:b0:c7:6c:63:38:3c:14:bc:65:9e:bd:5b:1a:3e:44
Signer

Actual PE Digest

2b:df:69:2e:67:b0:c7:6c:63:38:3c:14:bc:65:9e:bd:5b:1a:3e:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
GetProcAddress
BackupWrite
CompareStringA
CreatePipe
DeleteTimerQueue
GenerateConsoleCtrlEvent
GetAtomNameA
GetCommTimeouts
GetConsoleAliasA
GetConsoleDisplayMode
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetNamedPipeHandleStateW
GetPrivateProfileSectionW
GetShortPathNameW
GetStartupInfoW
GetSystemWindowsDirectoryA
GetThreadPriority
GlobalLock
GetWindowsDirectoryW
IsBadHugeWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
LocalSize
QueryDosDeviceW
QueueUserWorkItem
SetComputerNameW
SetConsoleMode
SetConsoleTitleA
SetThreadPriorityBoost
SetVolumeMountPointA
SetWaitableTimer
UnlockFileEx
VerSetConditionMask
WaitCommEvent
WideCharToMultiByte
WriteConsoleOutputA
WritePrivateProfileSectionA
_lwrite
lstrcmpiA
HeapUnlock
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d62affe3892bcebd51d91ebad16c648f

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

2b:df:69:2e:67:b0:c7:6c:63:38:3c:14:bc:65:9e:bd:5b:1a:3e:44Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

2b:df:69:2e:67:b0:c7:6c:63:38:3c:14:bc:65:9e:bd:5b:1a:3e:44
Signer

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB