438152e3237a16fd1b04af86f20f38a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

438152e3237a16fd1b04af86f20f38a2_JaffaCakes118
Size

260KB
MD5

438152e3237a16fd1b04af86f20f38a2
SHA1

58840061513bbcd456e0d0f97aca2209683a1768
SHA256

e88a825d967f2059a98513e843f66ef0192dfeed4895e1b5cf91409453e84380
SHA512

99c5c49ead81580a1ce8efebd7ea2252528f7d2e1bb395c5f390d65aa4ec14cedaff3692e2b5e7dce62111853a13a10063863291a2f7d1fb3ff1377de02d95e3
SSDEEP

3072:d4D0XQrIMiuPy8c6gre91XoJpaBM77ZTrYo/4JZ1HnCNjMh0LGfGCK7don9O6Ph6:dnovHQrraFk5TrrKrHzXfn08XPh4lREG

Score

1^/10

Malware Config

Signatures

Files

438152e3237a16fd1b04af86f20f38a2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2612726be4fd0796fe65de7f8dc68caa

Code Sign

40:92:f1:63:97:44:63:8e:4e:0c:15:08:a2:42:fc:2c
Certificate

Issuer

CN=a

Not Before

04/02/2013, 16:01

Not After

31/12/2039, 23:59

Subject

CN=a

Extended Key Usages

ExtKeyUsageCodeSigning

45:42:4e:a2:d0:4b:c9:4e:45:ad:58:da:eb:88:f3:c8:c4:8b:7a:d6
Signer

Actual PE Digest

45:42:4e:a2:d0:4b:c9:4e:45:ad:58:da:eb:88:f3:c8:c4:8b:7a:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
MultiByteToWideChar
lstrcmpA
lstrcpyW
GetStartupInfoA
GetProcAddress
GetCommandLineW
FormatMessageW
GetModuleHandleA
GetModuleFileNameW
lstrlenA

user32

LoadIconA
MessageBoxW
LoadStringW

gdi32

GetStockObject

advapi32

RegOpenKeyExA

ole32

CoInitialize
CoCreateInstance
CLSIDFromProgID
CoUninitialize

msvcrt

exit
_initterm
_exit
_except_handler3
_controlfp
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2612726be4fd0796fe65de7f8dc68caa

Code Sign

40:92:f1:63:97:44:63:8e:4e:0c:15:08:a2:42:fc:2cCertificate

Extended Key Usages

45:42:4e:a2:d0:4b:c9:4e:45:ad:58:da:eb:88:f3:c8:c4:8b:7a:d6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 240KB - Virtual size: 240KB

.data Size: 512B - Virtual size: 140B

.rdata5 Size: 1024B - Virtual size: 1000B

.rdata4 Size: 1024B - Virtual size: 1000B

.rdata3 Size: 1024B - Virtual size: 1000B

.rdata2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 2KB - Virtual size: 2KB

40:92:f1:63:97:44:63:8e:4e:0c:15:08:a2:42:fc:2c
Certificate

45:42:4e:a2:d0:4b:c9:4e:45:ad:58:da:eb:88:f3:c8:c4:8b:7a:d6
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 240KB - Virtual size: 240KB

.data
Size: 512B - Virtual size: 140B

.rdata5
Size: 1024B - Virtual size: 1000B

.rdata4
Size: 1024B - Virtual size: 1000B

.rdata3
Size: 1024B - Virtual size: 1000B

.rdata2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 2KB - Virtual size: 2KB