148bc45ba7ae88fdacc6eafcebaedca0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

148bc45ba7ae88fdacc6eafcebaedca0_JaffaCakes118
Size

52KB
MD5

148bc45ba7ae88fdacc6eafcebaedca0
SHA1

0c5cd83963de656906cdde18b1ccbb1098d3f78a
SHA256

cefa2937a1709f1614d97f5d29325b02ab605a4db8e62fc15681f972f8c95881
SHA512

a6f564891276fa3380c53d2c6ab105d582bc75c624ff041dca478d8c22200f3a20d319f9fbf64c81171aa8693ac64fd6d8466a9025b561c379ea8e4f2dd9d5fe
SSDEEP

1536:rNtY9NRHaHPsRVTUYdPFKrof4wV8HU3VX:rNin6HPeLcxw93VX

Score

1^/10

Malware Config

Signatures

Files

148bc45ba7ae88fdacc6eafcebaedca0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93b5201d57470bdee489ff3f4140bac0

Code Sign

54:dc:d8:b7:fa:3a:0b:58:b5:d9:f9:c8:c7:d5:25:25
Certificate

Issuer

CN=Root dddddd

Not Before

02-10-2009 08:29

Not After

31-12-2039 23:59

Subject

CN=sddsad221.ppp,O=y,1.2.840.113549.1.9.1=#130b6473616464612e7070646f

d0:c5:c2:db:64:4b:a9:c7:21:e2:ad:3f:2b:41:d6:ee:c3:6f:90:b0
Signer

Actual PE Digest

d0:c5:c2:db:64:4b:a9:c7:21:e2:ad:3f:2b:41:d6:ee:c3:6f:90:b0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
VirtualFreeEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
CreateProcessA
GetModuleFileNameA
GetCurrentProcess
SetThreadContext
ResumeThread
GetThreadContext

advapi32.dll�

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

msvcrt.dll�

malloc
fclose
??3@YAXPAX@Z
fread
fseek
fopen
free

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CBtrl
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sda
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93b5201d57470bdee489ff3f4140bac0

Code Sign

54:dc:d8:b7:fa:3a:0b:58:b5:d9:f9:c8:c7:d5:25:25Certificate

d0:c5:c2:db:64:4b:a9:c7:21:e2:ad:3f:2b:41:d6:ee:c3:6f:90:b0Signer

Headers

File Characteristics

Imports

kernel32

advapi32.dll�

msvcrt.dll�

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.CBtrl Size: 44KB - Virtual size: 44KB

.sda Size: 512B - Virtual size: 44B

54:dc:d8:b7:fa:3a:0b:58:b5:d9:f9:c8:c7:d5:25:25
Certificate

d0:c5:c2:db:64:4b:a9:c7:21:e2:ad:3f:2b:41:d6:ee:c3:6f:90:b0
Signer

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.CBtrl
Size: 44KB - Virtual size: 44KB

.sda
Size: 512B - Virtual size: 44B