2aeb624805ae220aebbf09325a3ce3cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aeb624805ae220aebbf09325a3ce3cd_JaffaCakes118
Size

131KB
MD5

2aeb624805ae220aebbf09325a3ce3cd
SHA1

366bf135596cbcf3cbb2325ba30b7e37482cddb1
SHA256

f496b48a1d316d89eda51380307b740e2e02d6366ac43b7f98b5a3bf6b52eec7
SHA512

a26c51c143bd659e1e685ad1925b6b184cead1d6fa6bb022e8b55cadadb060473bcc5584d96e12baf50d2dcf69c54f11370504570ac4f811e16d97732d2726b6
SSDEEP

3072:aQucyksviXzP634LQhIv2qYrfwB/LiIYyXlHaGC:tJFDb63JhB9rYNG3yXlH

Score

1^/10

Malware Config

Signatures

Files

2aeb624805ae220aebbf09325a3ce3cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a224202f0fc51d130e72e1798092187c

Code Sign

fa:12:a7:f2:cc:2e:ab:97
Certificate

Issuer

CN=Yet to supply the ripe wants of my friend

Not Before

23/11/2010, 22:57

Not After

19/08/2013, 22:57

Subject

CN=Yet to supply the ripe wants of my friend

b7:7b:a1:8f:a7:af:ab:07:23:20:4c:02:01:ca:61:09:e1:5e:de:44
Signer

Actual PE Digest

b7:7b:a1:8f:a7:af:ab:07:23:20:4c:02:01:ca:61:09:e1:5e:de:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetLastError
CreateEventA
GetCurrentThreadId
SuspendThread
GetVersion
Thread32Next
GetCurrentThread
ProcessIdToSessionId
CloseHandle
GetCurrentProcessId
GetThreadTimes
GetThreadContext
LoadLibraryA
OpenProcess
GetProcessWorkingSetSize
GetModuleHandleA
VirtualAlloc
WaitForSingleObject
GetProcAddress
IsBadReadPtr
VirtualProtectEx
GetCurrentProcess
VirtualFree
Sleep
SystemTimeToFileTime
GetSystemTime

user32

GetCursorPos
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
MessageBoxA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a224202f0fc51d130e72e1798092187c

Code Sign

fa:12:a7:f2:cc:2e:ab:97Certificate

b7:7b:a1:8f:a7:af:ab:07:23:20:4c:02:01:ca:61:09:e1:5e:de:44Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 700KB

.text Size: 123KB - Virtual size: 122KB

.rsrc Size: 2KB - Virtual size: 2KB

fa:12:a7:f2:cc:2e:ab:97
Certificate

b7:7b:a1:8f:a7:af:ab:07:23:20:4c:02:01:ca:61:09:e1:5e:de:44
Signer

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 700KB

.text
Size: 123KB - Virtual size: 122KB

.rsrc
Size: 2KB - Virtual size: 2KB