eb4faf00edf2ccdab4126200572c7663_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb4faf00edf2ccdab4126200572c7663_JaffaCakes118
Size

257KB
MD5

eb4faf00edf2ccdab4126200572c7663
SHA1

c8eaaf5c3cff96033e63f69b0f796fa754d0c855
SHA256

b41ea0064fc0dbda2852c7d5e4b964fbe4ee542d978c0ea3391d7acc35d3b85b
SHA512

66915869b20665c805fb32b51ef4bf5005e1a4f64cf11d42247e8a8012f2b3bf4558f28eac49710a6f4aaad34d14e951d972657f6e0a80d072f6d3d5a8b6ddd2
SSDEEP

6144:7v8fA62Er0pcOlFNMyd1r1gmfretcokiqASYgDe7t1:g465IMy/3freyoZ9gIt1

Score

1^/10

Malware Config

Signatures

Files

eb4faf00edf2ccdab4126200572c7663_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b84f814c7d23b57c3c46fbd3abdaf1f4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:b4:d9:2c:db:bc:4d:35:f7:96:eb:93:94:cb:f8:3d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

11/09/2009, 00:00

Not After

01/10/2012, 23:59

Subject

CN=ArcaBit Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=ArcaBit,O=ArcaBit Ltd.,L=Warsaw,ST=Warsaw,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:fb:ca:fe:8a:85:e1:d5:67:55:63:16:cd:ed:5c:24:e9:25:2b:5d
Signer

Actual PE Digest

ee:fb:ca:fe:8a:85:e1:d5:67:55:63:16:cd:ed:5c:24:e9:25:2b:5d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenWaitableTimerW
GetProcAddress
GetACP
GetWindowsDirectoryW
GetNumberFormatW
GetStartupInfoA
CreateThread
GetDateFormatW
LoadLibraryW
GetFullPathNameA
GetCommandLineW
LoadLibraryA
GetCalendarInfoW

user32

EnableWindow
SetTimer
EnumDesktopsW
EnumClipboardFormats
GetWindowDC
DialogBoxIndirectParamW
TrackPopupMenu
GetSysColorBrush
SetWindowTextA
IsWindow
OffsetRect
MessageBeep
CreateDesktopA
MonitorFromRect
CreateDesktopW
PeekMessageW
IsIconic
GetMenuItemRect
WinHelpA
DeleteMenu
CopyRect
GetClassLongA
CreateWindowExA
DefDlgProcW
GetMessageW
GetActiveWindow
RegisterWindowMessageW
EnumDesktopWindows
DefDlgProcA

gdi32

GetBoundsRect
ExtCreateRegion
DeleteObject
CloseFigure
FillRgn
SwapBuffers
GetICMProfileA
RestoreDC

advapi32

RegFlushKey
RegEnumValueW

ole32

CoGetClassVersion
CoCreateInstanceEx
OleSaveToStream
CreateErrorInfo
CoInitializeEx
CoDosDateTimeToFileTime

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c&/
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0{93{+
Size: 1KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D4-
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.W
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2_D
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l8,")/
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.}b56
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._+
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..9.2
Size: 1024B - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7rA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 210KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84f814c7d23b57c3c46fbd3abdaf1f4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

11:b4:d9:2c:db:bc:4d:35:f7:96:eb:93:94:cb:f8:3dCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

ee:fb:ca:fe:8a:85:e1:d5:67:55:63:16:cd:ed:5c:24:e9:25:2b:5dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.rdata Size: 2KB - Virtual size: 1KB

.c&/ Size: 1KB - Virtual size: 2KB

.0{93{+ Size: 1KB - Virtual size: 21KB

.text Size: 13KB - Virtual size: 12KB

.D4- Size: 1024B - Virtual size: 20KB

.W Size: 1KB - Virtual size: 12KB

.2_D Size: 1024B - Virtual size: 18KB

.l8,")/ Size: 1KB - Virtual size: 3KB

.}b56 Size: 1024B - Virtual size: 6KB

._+ Size: 14KB - Virtual size: 14KB

..9.2 Size: 1024B - Virtual size: 27KB

.7rA Size: 1KB - Virtual size: 1KB

.rsrc Size: 210KB - Virtual size: 268KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

11:b4:d9:2c:db:bc:4d:35:f7:96:eb:93:94:cb:f8:3d
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

ee:fb:ca:fe:8a:85:e1:d5:67:55:63:16:cd:ed:5c:24:e9:25:2b:5d
Signer

.rdata
Size: 2KB - Virtual size: 1KB

.c&/
Size: 1KB - Virtual size: 2KB

.0{93{+
Size: 1KB - Virtual size: 21KB

.text
Size: 13KB - Virtual size: 12KB

.D4-
Size: 1024B - Virtual size: 20KB

.W
Size: 1KB - Virtual size: 12KB

.2_D
Size: 1024B - Virtual size: 18KB

.l8,")/
Size: 1KB - Virtual size: 3KB

.}b56
Size: 1024B - Virtual size: 6KB

._+
Size: 14KB - Virtual size: 14KB

..9.2
Size: 1024B - Virtual size: 27KB

.7rA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 210KB - Virtual size: 268KB