ecc19a6e75196aba87b243737d5fd361_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ecc19a6e75196aba87b243737d5fd361_JaffaCakes118
Size

177KB
MD5

ecc19a6e75196aba87b243737d5fd361
SHA1

534a7a923c1005d0dc1267f05815f68268c90024
SHA256

13fdc7878c5cdbdb1853fbfd15558014a9c64d7d45fde52088e61c6b8c0beae7
SHA512

b13f07d4e1ec1719aa450516341478257c27b0e9459bd399a8f4a683a327e778e733f7eeea217bb6168433136eccd4e3261a23955e186695038707514ce4585b
SSDEEP

3072:eZIIeZuHs6psb4gdiJ0h5mnmwDCjpsZIDyIP:aia5pCqC5mnmwvMyIP

Score

1^/10

Malware Config

Signatures

Files

ecc19a6e75196aba87b243737d5fd361_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c73a47427cc41d9442154c68931bd16

Code Sign

Certificate

Issuer

CN=EKSPANDER,OU=SKIDTERASET,O=JOAH,L=ARRHENIUS,ST=FORSGSVERSIONER,C=QA,1.2.840.113549.1.9.1=#0c245544534b5249564e494e47534b4f4d4d414e444f454e53404a4f5649414c4953452e484a

Not Before

03/08/2021, 21:12

Not After

03/08/2022, 21:12

Subject

CN=EKSPANDER,OU=SKIDTERASET,O=JOAH,L=ARRHENIUS,ST=FORSGSVERSIONER,C=QA,1.2.840.113549.1.9.1=#0c245544534b5249564e494e47534b4f4d4d414e444f454e53404a4f5649414c4953452e484a

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

76:21:a9:2c:63:a1:38:73:89:aa:21:6c:23:02:8b:b7:23:33:58:b1:4e:b5:97:f1:58:4b:8a:09:2b:d1:0d:58
Signer

Actual PE Digest

76:21:a9:2c:63:a1:38:73:89:aa:21:6c:23:02:8b:b7:23:33:58:b1:4e:b5:97:f1:58:4b:8a:09:2b:d1:0d:58

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
_CIatan
_allmul
_CItan
_CIexp

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c73a47427cc41d9442154c68931bd16

Code Sign

Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

76:21:a9:2c:63:a1:38:73:89:aa:21:6c:23:02:8b:b7:23:33:58:b1:4e:b5:97:f1:58:4b:8a:09:2b:d1:0d:58Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 136KB - Virtual size: 133KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 28KB - Virtual size: 25KB

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

76:21:a9:2c:63:a1:38:73:89:aa:21:6c:23:02:8b:b7:23:33:58:b1:4e:b5:97:f1:58:4b:8a:09:2b:d1:0d:58
Signer

.text
Size: 136KB - Virtual size: 133KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 28KB - Virtual size: 25KB