281d7cc8c28890ea99a1b82c00fd72a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

281d7cc8c28890ea99a1b82c00fd72a5_JaffaCakes118
Size

115KB
MD5

281d7cc8c28890ea99a1b82c00fd72a5
SHA1

0b24d543ac94b8ab1e92820a363f67cd67eee9ce
SHA256

74b7107802a7c666e1ef42ac7aef7effbe7ad97e1f417d4fadb84a2e78484a8a
SHA512

9f27d5ae21d55762791b737d0ebf31e2fba03b389092d4f5b79a6750661589c91d21ea661953a310ebb471557ed179d7e0dea5722eb37915e9c1709c125bd0a5
SSDEEP

1536:iUYBqDUIU4iqzgGDHh2zslKz7a1iwcwxjrN7UnYuW/KI+i91bGylB0Y1KuNK+3xj:FUqYj5qzr2zlq1iwtzUIPLGs0+3xec

Score

1^/10

Malware Config

Signatures

Files

281d7cc8c28890ea99a1b82c00fd72a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86b5f68fa752116d32565189a84c52b3

Code Sign

7d:ae:78:1b:c9:81:66:b0:47:c1:e0:32:61:c6:ab:b8
Certificate

Issuer

CN=Root Agency

Not Before

29/12/2010, 04:36

Not After

31/12/2039, 23:59

Subject

CN=Avira GmbH

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
GetModuleFileNameA
FindClose
FindFirstFileA
ReadFile
GetFileSize
CreateFileA
SetSystemTime
GetCurrentThreadId
CloseHandle
DeleteFileA
QueryPerformanceCounter
QueryPerformanceFrequency
GetStartupInfoA
GetSystemTime
GetVersion
LoadLibraryA
GetModuleHandleA
GetTickCount
VirtualProtectEx
MultiByteToWideChar
Sleep

user32

GetMessageA
PostThreadMessageA
GetInputState

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_stricmp
memset
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
strlen
strcpy
strcat
memcmp
memcpy
strncpy
strchr
fclose
fwrite
fopen
_exit
_XcptFilter
exit
_acmdln

shlwapi

SHSetValueA
SHGetValueA
StrStrIA
SHDeleteKeyA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86b5f68fa752116d32565189a84c52b3

Code Sign

7d:ae:78:1b:c9:81:66:b0:47:c1:e0:32:61:c6:ab:b8Certificate

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcrt

shlwapi

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 1024B - Virtual size: 960B

7d:ae:78:1b:c9:81:66:b0:47:c1:e0:32:61:c6:ab:b8
Certificate

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 1024B - Virtual size: 960B