ea1e33fdc7bfb6293490c6d193fb72ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea1e33fdc7bfb6293490c6d193fb72ba_JaffaCakes118
Size

422KB
MD5

ea1e33fdc7bfb6293490c6d193fb72ba
SHA1

e7e0d8194f6ad85e45933f4c298a02243d6dd6f8
SHA256

9aeb7981121c2448925af24591fadf2e8176d65d64c869e6d7970406df524798
SHA512

7031297604b29bb8622c444c727ad9f6e0fc08d929157d9bded744673540623c2d40ba5e9307a34816467fee46f53578fc0ccea592788cbaffd3cff0bfc60fa0
SSDEEP

12288:Z/OzT9PLWQhwpgIBA/t5tV8xjsgBov6/vYXubE/xR:3Q1/0jdO

Score

1^/10

Malware Config

Signatures

Files

ea1e33fdc7bfb6293490c6d193fb72ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8ac1f74ce7e2f93e30369fad46b3927

Code Sign

16:33:89:93:48:38:33:62:bb:7f:8d:e3:e6:81:4b:5e
Certificate

Issuer

CN=nnnnnnnnnnnnnnnn 5Aj62voAxouKxzAzBfnycaco 1pfK2bHAEb3ygu34JoJa3 xci8hyfgBsnK8jh5tioBztehviHuCyrahnu kFrm435eJdIpHBG3hsq8aodlmGkAtanx9hAAd984uf6HqG5uGzCwi3EcBfwpnuyCr3hj66MitBeqFvec KnlKlGIsmlvKjqnznrxHGykB5Ib9IhKsG2b1Jq6Fs7cBztsktdC3pyMfk62pmgvkvognKCI1zAuli7lgiH16yCy5g FmLA4lJah5agczEsdbu4G4Gpwhxy1ic1aoghpe3iJnwBoxvsDKdbM4AB3pBj8p3r1nnFje9i5adv4BzwALvjhCf2h1yEnkvphozD7l4m8Cmp9uonlku 8xqJCrnBv rzGzyrLg65CAGLgeMpKKs884AapwnEgqeKMqsncekrKhrtjfGbD6nzMDBEF jgbjtyemG99cAvuv7KLxmCbH3eoqFqEgkq4ggKaJhjw38BBjowrDxDgvm9cgvsKGftg5fbJlbA8LxiEilfLtHnHiFMvCb ili96AlqlgC wg8q mbynkHlritcyzhcB jfLqur5AlJ85EHFzD6xFI6H8zsamtHnM1D C32fu 1b7yqFhgL22ttecoFzzpBxCdtnj9mK2hhLgngA1hoooGnGEtCsz2a1ejKCqE88DJC 3D5 k2Gm5DLv8aH hALCMGGl3JLgJMEqjCarF1nCBCclxFnwI4CIA1apbgitFEf3EGxtnF5a5tbbkgwoME3FCk42rylI6vFbMEcLy pC mqFc6r7khsE7vomKhbo1s8eEu u7MlFnLmMo9pFdsdqgnixGopzJ96GjuqtdL56gmacvgdH9oykco8eBeBEtaioz78FkzitEDAIdoC3KBsxx799LCLA4wfdKavK7bJizswAagLzk6qy4MzAz4tbv9 9oqilmvtAb9gKib4f7FIICyDvcFvCHJ7wL3tvGiv F52n7Kcxco251I6AGEtriHase8y64msweK19Aud3CL6Ezw1tKIxt3Djot4Di hIg4281EvGhLGta2JsMJvCE6yhEqtx64Kf6Cq4pv2M7qMMJ66yDcHqFKngrJe8KElyABk9GqHvvovy4Gv4Ln6cJqMFcKAvmedbHphurtc5zHnHr29ErjjBGAcsIAx6cnhMsFgai5hpAE5dEip77bck7oql5rvids5gnvj7MlIABx7DFnAdo Ab8moq xBAq5j3tDrxC31zLG1D47LsyEFBzbKMzx8MgpfGssAvEgB727y71lwqo1LGclBIeqvzdLgL5hvw43G4zjCHsdmewB 9x2CmoAmAak1loG4rL 6h3x7HgsJl3aB1lJ4zCMwceHiutGtGMzv3ngvMd328avD1cto8Ldr9AJu85hc3bggyKxxvDiDFHK2CKhzdd5pI8wg41uCcCDgM7xhqgHCxfMCnk2vvdH9 HAAiwLH9iaqxp EAl3kCtAnHvg LAGLg6mlCvD6HtqkF2yL4xlpplaEtx26j5g2dy1dkr2tGLyBsFAcB4bEfFmp2x7IfcJJqpsm7GzzB8w1 tb1L1ob2p44JFvGegj54h5rAu7s82m1Lj4MI3yAwvF4doMnJCxh1wswwk2v3Mft5brKhmnocFumrC81D7bg5IEhlmxgp3ul2yFahtu4JHs1i5Izpk9gpvr3IosK7k87dInDodHbfBzw9pp6x9cDJoxv8JCurf4HItyLH7C1dtkcf97E8gmEAaHIkwLeJ c4gHdkfHr4521tvIG4BoiHGsuA1bD1JDMeodhle5bja9k26obIJCoAsxcjezFuAs4eqt3BDgrHIi3932srELEfk KcB6np9AjI1hE5jJe9qa Mb7nLxL1En9u8CFKKM1lt8qd3cCfnDdn36Cprq J8psJIFsuaB4sJHCeygBv9ia5 ayi8lKg2aKehamElbers ermclp78k 743 3vgIrLI8pAoMtAvhjh6LAqDcqdJn9EeLm4zAK7b6FLetpAtFrz3 Hwuivse1hMtfvCi9qxrbAKakDCJ9p4Fb7BmrkgxzqnhwsxJ2wBlg1tjkAzpfg2iLeyCtwl6E8CnyH2t r8opmu4Eazg6qadohFBoxMHA22KHmoLmdtuhxzIk2llbcIDuKFmjgfpjuy8ustEI7HCrq56epc gF7wr2z1rB9FCAvkb4KIalgFDvbcHnlaMIdGEe9mmppfBcg5GGwL6KIryMzl9xaCCIr6l knxkH3bFjki4F1xLaq57jMmLvbHdfl15A DvAxg i3sCuHHxde1 4KIE1LCfrDxMIfgx5Dpn16cJIfFA5jAJ8zBhkgfp1qqfif1r9rvg72KdudcLh1F3EHxfmr xx3glMAm6z bKBDLDzuDzbl9xBbuHu 3Ltdy97p7wclntcdgkg2d7yAlb7647o3D6LfBDvsot8cam4t6J4 xCCB3egp99v67HlEGLuCG5hdAlsdIg8HrmJnbefpcnnC565cu277lF7M5go8ty2D4yK2MaM 56hmmscy8bfvsmEpwBgeDmCcEM jdo4wbjp2qcA25E5Dy54oAM5uLjpKojeLMMff5mKwBltyCxK IkuK28qeF214J4Ac86fipmdb3LeovyBxdGdg9BDE5kmJmCoCip7D 384cDoAxv535IDu5hw42y622pmH85gcf96DzJKsvHaFskjltF47gnoM7Dep4 t6th 21Jp41xoumjo9CEy3KMlwhGfnun6iis7bCafy6HD5tDzDihoiB2FKjj2qGxzL6MM9eHvMnA8ibxAm6HM1zyMo6w4o edh92mpyDFB4DdL2mj3Hf3eoCEdavnjbrB4J8EIg1loxDLn47zcpMJxpLb5wG2wJdubxacCqsKFs1n3G BAI6B7Mg6fCzo893qImlgz1j wwCF7kevztoDHFFdwymoFEBhv cjbup Iyur5 Fsbfh364nir9JjfKLL9ekmv97wEMoxC27G7bx5Afekpju4aDglwiwnjt6I3coACfA35D2nnuwF4u6aoq Gpv6ea1nvqut31FC6IC9G27ghmx1Ea69h7c1wHtMDa11rlxcznIn4njq3egfpyL5C5CcbftFkryAqsCpfmD63qxIbBBrAt9zGgedrletkGba88CHAiBkDJjhC5xqj3uKIJfyIej9DE1tvk26fh9vl1fIzGMf9lDbEx2qdF4vtoea5owJrclD7Kj2rw8DkEBvLdI1gGq8CgsMdzI7a13DEj2bBf31zdnobCignF3ihKAw5AynMe7Kt4wB8ssxtb2qjuhi3B8fghm4JiaA5IbFHCqBv1vExLKDK5iBdGhkBK275lq38bJeB5By 7BEqyJvoCqM587CupMGj62Cpkjntowb75aAuyi22eoadaM4MM2yduJLedtebmrIEdyGfdvMyyvMgKgb8yIG2GDiKJ8lGkxnhvky78 eoBBhvHkIgjppIz dnJIuKlb KIBbmbhBzuKAyxz7ugBkkltCEM3uo2rwawwFMfMthBqaB7wlMjGL2i8bEDFLBDbhxIkqFi7M4GHn358c8dIaG 4aEHzKiE7bJB7LADBM56lFjHIfDjBDL3nxFvcikAgFqsclwEcvu98fBmbKaBeF7 d o24zzLtJcFo6 ruG5yjxrAh6tDd73uv2KbIJ3m4cIeK hCHslmrqK xAve5FpjbqcxvoEzd3cAlcmD 28JwisDssbjpKqH5Ikom64ekvfpcmxsn2BqtwwIskxvq4b3j9x5hKfx8MdMJLg cd bA HkjuyM1w86D6mvxmyyljrDcFysBmkpBzkj69jAxkxBAksvq5FoC1B3n39hlHmrpvM4Apesp21Hutghuiemvc2HfJDfwkobLd3v7afrHnGluBgHfadatlpd 6B63ckbIeqc9g2L8grovqw9vo21difoJzvsI9mDMhvaqylkGJFGt 3vfmmeaxrxkt5mJce4A jjjjjjjjjjjjjjjjjj

Not Before

28/12/2012, 05:35

Not After

31/12/2039, 23:59

Subject

CN=nnnnnnnnnnnnnnnn 5Aj62voAxouKxzAzBfnycaco 1pfK2bHAEb3ygu34JoJa3 xci8hyfgBsnK8jh5tioBztehviHuCyrahnu kFrm435eJdIpHBG3hsq8aodlmGkAtanx9hAAd984uf6HqG5uGzCwi3EcBfwpnuyCr3hj66MitBeqFvec KnlKlGIsmlvKjqnznrxHGykB5Ib9IhKsG2b1Jq6Fs7cBztsktdC3pyMfk62pmgvkvognKCI1zAuli7lgiH16yCy5g FmLA4lJah5agczEsdbu4G4Gpwhxy1ic1aoghpe3iJnwBoxvsDKdbM4AB3pBj8p3r1nnFje9i5adv4BzwALvjhCf2h1yEnkvphozD7l4m8Cmp9uonlku 8xqJCrnBv rzGzyrLg65CAGLgeMpKKs884AapwnEgqeKMqsncekrKhrtjfGbD6nzMDBEF jgbjtyemG99cAvuv7KLxmCbH3eoqFqEgkq4ggKaJhjw38BBjowrDxDgvm9cgvsKGftg5fbJlbA8LxiEilfLtHnHiFMvCb ili96AlqlgC wg8q mbynkHlritcyzhcB jfLqur5AlJ85EHFzD6xFI6H8zsamtHnM1D C32fu 1b7yqFhgL22ttecoFzzpBxCdtnj9mK2hhLgngA1hoooGnGEtCsz2a1ejKCqE88DJC 3D5 k2Gm5DLv8aH hALCMGGl3JLgJMEqjCarF1nCBCclxFnwI4CIA1apbgitFEf3EGxtnF5a5tbbkgwoME3FCk42rylI6vFbMEcLy pC mqFc6r7khsE7vomKhbo1s8eEu u7MlFnLmMo9pFdsdqgnixGopzJ96GjuqtdL56gmacvgdH9oykco8eBeBEtaioz78FkzitEDAIdoC3KBsxx799LCLA4wfdKavK7bJizswAagLzk6qy4MzAz4tbv9 9oqilmvtAb9gKib4f7FIICyDvcFvCHJ7wL3tvGiv F52n7Kcxco251I6AGEtriHase8y64msweK19Aud3CL6Ezw1tKIxt3Djot4Di hIg4281EvGhLGta2JsMJvCE6yhEqtx64Kf6Cq4pv2M7qMMJ66yDcHqFKngrJe8KElyABk9GqHvvovy4Gv4Ln6cJqMFcKAvmedbHphurtc5zHnHr29ErjjBGAcsIAx6cnhMsFgai5hpAE5dEip77bck7oql5rvids5gnvj7MlIABx7DFnAdo Ab8moq xBAq5j3tDrxC31zLG1D47LsyEFBzbKMzx8MgpfGssAvEgB727y71lwqo1LGclBIeqvzdLgL5hvw43G4zjCHsdmewB 9x2CmoAmAak1loG4rL 6h3x7HgsJl3aB1lJ4zCMwceHiutGtGMzv3ngvMd328avD1cto8Ldr9AJu85hc3bggyKxxvDiDFHK2CKhzdd5pI8wg41uCcCDgM7xhqgHCxfMCnk2vvdH9 HAAiwLH9iaqxp EAl3kCtAnHvg LAGLg6mlCvD6HtqkF2yL4xlpplaEtx26j5g2dy1dkr2tGLyBsFAcB4bEfFmp2x7IfcJJqpsm7GzzB8w1 tb1L1ob2p44JFvGegj54h5rAu7s82m1Lj4MI3yAwvF4doMnJCxh1wswwk2v3Mft5brKhmnocFumrC81D7bg5IEhlmxgp3ul2yFahtu4JHs1i5Izpk9gpvr3IosK7k87dInDodHbfBzw9pp6x9cDJoxv8JCurf4HItyLH7C1dtkcf97E8gmEAaHIkwLeJ c4gHdkfHr4521tvIG4BoiHGsuA1bD1JDMeodhle5bja9k26obIJCoAsxcjezFuAs4eqt3BDgrHIi3932srELEfk KcB6np9AjI1hE5jJe9qa Mb7nLxL1En9u8CFKKM1lt8qd3cCfnDdn36Cprq J8psJIFsuaB4sJHCeygBv9ia5 ayi8lKg2aKehamElbers ermclp78k 743 3vgIrLI8pAoMtAvhjh6LAqDcqdJn9EeLm4zAK7b6FLetpAtFrz3 Hwuivse1hMtfvCi9qxrbAKakDCJ9p4Fb7BmrkgxzqnhwsxJ2wBlg1tjkAzpfg2iLeyCtwl6E8CnyH2t r8opmu4Eazg6qadohFBoxMHA22KHmoLmdtuhxzIk2llbcIDuKFmjgfpjuy8ustEI7HCrq56epc gF7wr2z1rB9FCAvkb4KIalgFDvbcHnlaMIdGEe9mmppfBcg5GGwL6KIryMzl9xaCCIr6l knxkH3bFjki4F1xLaq57jMmLvbHdfl15A DvAxg i3sCuHHxde1 4KIE1LCfrDxMIfgx5Dpn16cJIfFA5jAJ8zBhkgfp1qqfif1r9rvg72KdudcLh1F3EHxfmr xx3glMAm6z bKBDLDzuDzbl9xBbuHu 3Ltdy97p7wclntcdgkg2d7yAlb7647o3D6LfBDvsot8cam4t6J4 xCCB3egp99v67HlEGLuCG5hdAlsdIg8HrmJnbefpcnnC565cu277lF7M5go8ty2D4yK2MaM 56hmmscy8bfvsmEpwBgeDmCcEM jdo4wbjp2qcA25E5Dy54oAM5uLjpKojeLMMff5mKwBltyCxK IkuK28qeF214J4Ac86fipmdb3LeovyBxdGdg9BDE5kmJmCoCip7D 384cDoAxv535IDu5hw42y622pmH85gcf96DzJKsvHaFskjltF47gnoM7Dep4 t6th 21Jp41xoumjo9CEy3KMlwhGfnun6iis7bCafy6HD5tDzDihoiB2FKjj2qGxzL6MM9eHvMnA8ibxAm6HM1zyMo6w4o edh92mpyDFB4DdL2mj3Hf3eoCEdavnjbrB4J8EIg1loxDLn47zcpMJxpLb5wG2wJdubxacCqsKFs1n3G BAI6B7Mg6fCzo893qImlgz1j wwCF7kevztoDHFFdwymoFEBhv cjbup Iyur5 Fsbfh364nir9JjfKLL9ekmv97wEMoxC27G7bx5Afekpju4aDglwiwnjt6I3coACfA35D2nnuwF4u6aoq Gpv6ea1nvqut31FC6IC9G27ghmx1Ea69h7c1wHtMDa11rlxcznIn4njq3egfpyL5C5CcbftFkryAqsCpfmD63qxIbBBrAt9zGgedrletkGba88CHAiBkDJjhC5xqj3uKIJfyIej9DE1tvk26fh9vl1fIzGMf9lDbEx2qdF4vtoea5owJrclD7Kj2rw8DkEBvLdI1gGq8CgsMdzI7a13DEj2bBf31zdnobCignF3ihKAw5AynMe7Kt4wB8ssxtb2qjuhi3B8fghm4JiaA5IbFHCqBv1vExLKDK5iBdGhkBK275lq38bJeB5By 7BEqyJvoCqM587CupMGj62Cpkjntowb75aAuyi22eoadaM4MM2yduJLedtebmrIEdyGfdvMyyvMgKgb8yIG2GDiKJ8lGkxnhvky78 eoBBhvHkIgjppIz dnJIuKlb KIBbmbhBzuKAyxz7ugBkkltCEM3uo2rwawwFMfMthBqaB7wlMjGL2i8bEDFLBDbhxIkqFi7M4GHn358c8dIaG 4aEHzKiE7bJB7LADBM56lFjHIfDjBDL3nxFvcikAgFqsclwEcvu98fBmbKaBeF7 d o24zzLtJcFo6 ruG5yjxrAh6tDd73uv2KbIJ3m4cIeK hCHslmrqK xAve5FpjbqcxvoEzd3cAlcmD 28JwisDssbjpKqH5Ikom64ekvfpcmxsn2BqtwwIskxvq4b3j9x5hKfx8MdMJLg cd bA HkjuyM1w86D6mvxmyyljrDcFysBmkpBzkj69jAxkxBAksvq5FoC1B3n39hlHmrpvM4Apesp21Hutghuiemvc2HfJDfwkobLd3v7afrHnGluBgHfadatlpd 6B63ckbIeqc9g2L8grovqw9vo21difoJzvsI9mDMhvaqylkGJFGt 3vfmmeaxrxkt5mJce4A jjjjjjjjjjjjjjjjjj

Extended Key Usages

ExtKeyUsageCodeSigning

6e:7e:dc:88:59:23:13:13:5e:47:69:32:59:a2:7a:a6:a9:82:5f:c8
Signer

Actual PE Digest

6e:7e:dc:88:59:23:13:13:5e:47:69:32:59:a2:7a:a6:a9:82:5f:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

CharPrevA
CheckDlgButton
CheckRadioButton
EnableWindow
GetDC
GetDlgItem
GetDlgItemTextA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
IsDlgButtonChecked
CharNextA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetWindowLongA
ShowWindow
wsprintfA
CallWindowProcA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
LoadStringA

gdi32

CreateFontIndirectA
GetObjectA
GetDeviceCaps
DeleteObject
GetStockObject

advapi32

RegOpenKeyW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

m3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8ac1f74ce7e2f93e30369fad46b3927

Code Sign

16:33:89:93:48:38:33:62:bb:7f:8d:e3:e6:81:4b:5eCertificate

Extended Key Usages

6e:7e:dc:88:59:23:13:13:5e:47:69:32:59:a2:7a:a6:a9:82:5f:c8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

m3 Size: 512B - Virtual size: 100B

.data Size: 350KB - Virtual size: 349KB

.data2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 41KB - Virtual size: 40KB

16:33:89:93:48:38:33:62:bb:7f:8d:e3:e6:81:4b:5e
Certificate

6e:7e:dc:88:59:23:13:13:5e:47:69:32:59:a2:7a:a6:a9:82:5f:c8
Signer

.text
Size: 4KB - Virtual size: 3KB

m3
Size: 512B - Virtual size: 100B

.data
Size: 350KB - Virtual size: 349KB

.data2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 41KB - Virtual size: 40KB