2b0e7abb8790510d8f47774373e36924_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b0e7abb8790510d8f47774373e36924_JaffaCakes118
Size

320KB
MD5

2b0e7abb8790510d8f47774373e36924
SHA1

f6afe45e2d0faf6dce17695bfec99c101beffd76
SHA256

7517bcd2887a8bf91a36356a6ca878815fa7c1d8c9601beb9453914a68c9ec42
SHA512

fc8cd279020cdb8c7f38bd7d244df01c7760bb285e423c98d73f9188f0f7e48fc1bc4ac4ecbe32a89894442f7d8b067834c9c37360fe0eb2027f69a8d341e967
SSDEEP

6144:DXB+l+DIpL7/1bZNgmHvO5aJpMWnXmGefYXeAm3qfwwYv:clIs7PNgMqmqW2JA9fYv

Score

1^/10

Malware Config

Signatures

Files

2b0e7abb8790510d8f47774373e36924_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

Issuer

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Not Before

23/01/2013, 18:13

Not After

31/12/2039, 23:59

Subject

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Extended Key Usages

ExtKeyUsageCodeSigning

b9:ef:ee:d4:2d:66:2a:ad:e4:f0:b3:a8:ff:b9:b8:98:fb:35:7f:5b
Signer

Actual PE Digest

b9:ef:ee:d4:2d:66:2a:ad:e4:f0:b3:a8:ff:b9:b8:98:fb:35:7f:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryExA

user32

PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
GetClientRect

gdi32

DeleteEnhMetaFile
CloseEnhMetaFile
LineTo
CreateEnhMetaFileA
Rectangle
MoveToEx
PlayEnhMetaFile

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6Certificate

Extended Key Usages

b9:ef:ee:d4:2d:66:2a:ad:e4:f0:b3:a8:ff:b9:b8:98:fb:35:7f:5bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 309KB - Virtual size: 309KB

.data Size: 1KB - Virtual size: 1KB

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

b9:ef:ee:d4:2d:66:2a:ad:e4:f0:b3:a8:ff:b9:b8:98:fb:35:7f:5b
Signer

.text
Size: 309KB - Virtual size: 309KB

.data
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB