ff220eee8f6f9621e6b627f50cf7c61d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff220eee8f6f9621e6b627f50cf7c61d_JaffaCakes118
Size

57KB
MD5

ff220eee8f6f9621e6b627f50cf7c61d
SHA1

3ccf911450cf2fa247115db289bdc098c4300e7c
SHA256

c86fe1c6fc6bbf7a41d47a81305d4c06098239b2de603722930a47d649530129
SHA512

74cbfc91df159182c9b09aed79a847019f168f5c03a9b5bfe3f6fcb4d32560149ee4d651ad67584637167380490fe5461f7bd439e086897d25e613746df998f6
SSDEEP

768:PHmHKO7H4kzqaiVEqFiJBZLLuoP247U8sdXzxn81XgX/GPiLu/T7GTmqKyVzbnJ4:eHJ48DUE7JrfuA77iX4XgX/GANXnu

Score

1^/10

Malware Config

Signatures

Files

ff220eee8f6f9621e6b627f50cf7c61d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5a:db:03:d5:2f:ae:d7:ef:e9:ec:87:70:5d:c6:af:a1
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

17-10-2006 00:00

Not After

16-10-2008 23:59

Subject

CN=GENUINE SOFTWARE UPDATE LIMITED,OU=Sviluppo sicuro dell'applicazione,O=GENUINE SOFTWARE UPDATE LIMITED,L=LONDON,ST=LONODN,C=UK

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0c:3e:67:45:d2:2c:bc:a6:1d:5d:82:98:ad:45:6d:b3:70:1d:56:04
Signer

Actual PE Digest

0c:3e:67:45:d2:2c:bc:a6:1d:5d:82:98:ad:45:6d:b3:70:1d:56:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 18KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c372311534116eeffdf56f3f6c69c5c

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

5a:db:03:d5:2f:ae:d7:ef:e9:ec:87:70:5d:c6:af:a1Certificate

Extended Key Usages

0c:3e:67:45:d2:2c:bc:a6:1d:5d:82:98:ad:45:6d:b3:70:1d:56:04Signer

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 18KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 16KB

.rsrc Size: 27KB - Virtual size: 28KB

.nPack Size: 4KB - Virtual size: 4KB

01
Certificate

0a
Certificate

5a:db:03:d5:2f:ae:d7:ef:e9:ec:87:70:5d:c6:af:a1
Certificate

0c:3e:67:45:d2:2c:bc:a6:1d:5d:82:98:ad:45:6d:b3:70:1d:56:04
Signer

.text
Size: 18KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 16KB

.rsrc
Size: 27KB - Virtual size: 28KB

.nPack
Size: 4KB - Virtual size: 4KB