115d622a79b1fd54dfdc8e05e21d562c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

115d622a79b1fd54dfdc8e05e21d562c_JaffaCakes118
Size

191KB
MD5

115d622a79b1fd54dfdc8e05e21d562c
SHA1

fb3d546fa07641e56ad2a7dec7e65c9414cd93e5
SHA256

642f3b37a2df7fb29c1084c70b164cccfe6bada763a1d0ef8bcfaf10abfd3128
SHA512

b18dfcba6d3707f31dc929c294e82ca2ba3be7d95afb9be8ac8bc922e64aa07427e7ba28c56f49054a9467dbd2d18aeaa792594cc2667bf09ea57b0b5ed8b09e
SSDEEP

3072:jaaRZiqqQvObeUE8z7EfQUTKPoM4j9WVMThNShF/93P2bKz6C1PPr62MMuf5gLcZ:GQvMEq7ZUXhgMXS7/9f2bKzPPPrPMMu5

Score

1^/10

Malware Config

Signatures

Files

115d622a79b1fd54dfdc8e05e21d562c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d6faf3786703fea4cea813a3856473b6

Code Sign

68:1e:c1:aa:f4:98:98:a7:44:07:45:80:2a:c8:a5:d0
Certificate

Issuer

CN=F6P

Not Before

07/05/2012, 09:11

Not After

31/12/2039, 23:59

Subject

CN=F6P

Extended Key Usages

ExtKeyUsageCodeSigning

7b:5c:b7:2e:04:87:ef:98:00:dc:8f:65:64:17:5c:11:de:0c:f5:e9
Signer

Actual PE Digest

7b:5c:b7:2e:04:87:ef:98:00:dc:8f:65:64:17:5c:11:de:0c:f5:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetWindowsDirectoryW
CreateFileW
lstrcatW
VirtualAllocEx

user32

RegisterClassExA
ShowCursor
RegisterClassExW

gdi32

GetStockObject

advapi32

RegOpenKeyExA

ole32

StgOpenStorageEx

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data6
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data5
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data2
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6faf3786703fea4cea813a3856473b6

Code Sign

68:1e:c1:aa:f4:98:98:a7:44:07:45:80:2a:c8:a5:d0Certificate

Extended Key Usages

7b:5c:b7:2e:04:87:ef:98:00:dc:8f:65:64:17:5c:11:de:0c:f5:e9Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.data6 Size: 512B - Virtual size: 8B

.data3 Size: 512B - Virtual size: 4B

.data4 Size: 512B - Virtual size: 4B

.data5 Size: 512B - Virtual size: 4B

.data2 Size: 181KB - Virtual size: 180KB

.rdata Size: 512B - Virtual size: 502B

.data Size: 512B - Virtual size: 132B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 588B

68:1e:c1:aa:f4:98:98:a7:44:07:45:80:2a:c8:a5:d0
Certificate

7b:5c:b7:2e:04:87:ef:98:00:dc:8f:65:64:17:5c:11:de:0c:f5:e9
Signer

.text
Size: 2KB - Virtual size: 1KB

.data6
Size: 512B - Virtual size: 8B

.data3
Size: 512B - Virtual size: 4B

.data4
Size: 512B - Virtual size: 4B

.data5
Size: 512B - Virtual size: 4B

.data2
Size: 181KB - Virtual size: 180KB

.rdata
Size: 512B - Virtual size: 502B

.data
Size: 512B - Virtual size: 132B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 588B