02c2cab1036ab40cc5c66805af83a3be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02c2cab1036ab40cc5c66805af83a3be_JaffaCakes118
Size

716KB
MD5

02c2cab1036ab40cc5c66805af83a3be
SHA1

e5793f2a82f4bac8a7291ff6f2312660707ca8ff
SHA256

01004559de9b870306581732a7755978b58c297ace0eca81a3a4e7990346d526
SHA512

fef39e403b401e5499e2aa46dcf6cedcd0a2b93a9669c8f85f79c70ffec47beca4a363d6f499cf661823eaf371bf4aa8de8259adcb014aac0c29023a49ea5b7c
SSDEEP

6144:NEz6IWqB3V1DqrAZFMvDrPe73ebFJS7HjZok4wjoGK2lvyomNsmgw4r3ArHaiIng:NlIzWOSm7xok4ZG7lvyomlyrc6iIJV0

Score

1^/10

Malware Config

Signatures

Files

02c2cab1036ab40cc5c66805af83a3be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bef78c5931c9424c8cf00c3e3607cb9

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:4f:cb:c8:6a:9f:d9:c1:60:16:f3:e9:45:a8:7c:06
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/03/2016, 00:00

Not After

25/03/2017, 23:59

Subject

CN=\"Planeta IT\"OOO,O=\"Planeta IT\"OOO,POSTALCODE=600017,STREET=40 ul.Gorkogo,L=Vladimir,ST=Vladimirskaya obl.,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

92:d8:52:3e:b3:34:e0:fc:20:a3:8b:0c:cc:22:ac:d2:c1:a9:db:7e
Signer

Actual PE Digest

92:d8:52:3e:b3:34:e0:fc:20:a3:8b:0c:cc:22:ac:d2:c1:a9:db:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
SelectObject
SetPixel

ole32

CoUninitialize
CoInitialize

user32

GetWindowTextA
GetDC
LoadIconA
ShowWindow

ws2_32

select
recv

kernel32

DeleteFileA
GetFileSize
OpenMutexW
InitializeCriticalSection
TerminateThread
CloseHandle
LoadLibraryExA
OpenMutexA
CreateThread
Sleep
DeleteFileW
InterlockedExchange
VirtualAllocEx
GetModuleHandleA
MoveFileW
GetWindowsDirectoryW
GetProcAddress
GetCurrentProcess
TerminateProcess
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
FlushFileBuffers
GetStringTypeA
GetStringTypeW
ReadFile
RaiseException
LCMapStringA
LCMapStringW
SetStdHandle
SetFilePointer

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 576KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bef78c5931c9424c8cf00c3e3607cb9

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

7e:4f:cb:c8:6a:9f:d9:c1:60:16:f3:e9:45:a8:7c:06Certificate

Extended Key Usages

Key Usages

92:d8:52:3e:b3:34:e0:fc:20:a3:8b:0c:cc:22:ac:d2:c1:a9:db:7eSigner

Headers

File Characteristics

Imports

gdi32

ole32

user32

ws2_32

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 576KB - Virtual size: 579KB

.rsrc Size: 24KB - Virtual size: 24KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

7e:4f:cb:c8:6a:9f:d9:c1:60:16:f3:e9:45:a8:7c:06
Certificate

92:d8:52:3e:b3:34:e0:fc:20:a3:8b:0c:cc:22:ac:d2:c1:a9:db:7e
Signer

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 576KB - Virtual size: 579KB

.rsrc
Size: 24KB - Virtual size: 24KB