eda921b3b234b970d5a0acbe63096f1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eda921b3b234b970d5a0acbe63096f1a_JaffaCakes118
Size

22KB
MD5

eda921b3b234b970d5a0acbe63096f1a
SHA1

5569587276bd8c80c646851e1c4b7ac846cf305c
SHA256

e9c1fb4cd96793b053614646454993e15787ad1d7acb590f8ae821cc789dd970
SHA512

448f36b4fce77fd7af11adc943a8712f95ecba823441cb155b6396f8deb3a9c26dec2f4d6101423d6500fe760fb9a684b1a4661c3a8a2728bef558392a128ff9
SSDEEP

192:K+Yz53hCDBfmlvW1HmdWmzudkzHD7Zq3GVlqFwnbg:FKRCDB0MHmdd6CzHqED0

Score

1^/10

Malware Config

Signatures

Files

eda921b3b234b970d5a0acbe63096f1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b884043ac6f6b4eb0f81727047b98961

Code Sign

Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

29/06/2004, 17:06

Not After

29/06/2034, 17:06

Subject

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:cc:c0:d8:de:d6
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

17/01/2011, 07:36

Not After

27/12/2011, 19:27

Subject

CN=TaxSimple,O=TaxSimple,L=RANDOLPH,ST=NJ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

20:03
Certificate

Issuer

CN=Starfield Services Root Certificate Authority,OU=http://certificates.starfieldtech.com/repository/,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

06/05/2010, 19:34

Not After

06/05/2015, 19:34

Subject

CN=Starfield Services Timestamp Authority,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2b:2a:16:f6:73:ce:4d:49:8e:53:1f:b4:c6:92:83:6b:4d:60:a8:b0
Signer

Actual PE Digest

2b:2a:16:f6:73:ce:4d:49:8e:53:1f:b4:c6:92:83:6b:4d:60:a8:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord605
ProcCallEngine
ord685
ord100

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b884043ac6f6b4eb0f81727047b98961

Code Sign

Certificate

03:01Certificate

Key Usages

04:00:cc:c0:d8:de:d6Certificate

Extended Key Usages

Key Usages

20:03Certificate

Extended Key Usages

Key Usages

2b:2a:16:f6:73:ce:4d:49:8e:53:1f:b4:c6:92:83:6b:4d:60:a8:b0Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 8KB - Virtual size: 6KB

.data Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

03:01
Certificate

04:00:cc:c0:d8:de:d6
Certificate

20:03
Certificate

2b:2a:16:f6:73:ce:4d:49:8e:53:1f:b4:c6:92:83:6b:4d:60:a8:b0
Signer

.text
Size: 8KB - Virtual size: 6KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB