10ae62fd8cb4a4f627dd988450efa2af_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10ae62fd8cb4a4f627dd988450efa2af_JaffaCakes118
Size

784KB
MD5

10ae62fd8cb4a4f627dd988450efa2af
SHA1

2d0d398539e05b88a82d748334047f4a422b8f51
SHA256

c1360ed392578d756de9ec3930219a5cfb0172246947b4ed95e35be53c6f70a0
SHA512

be992a41b079302bf279fc1e8fb465c2043303dd5bb353d14367c9d4f5937aecf8cbd759987792e509a1eaa6784cd46f317c60d3394d346f8e512ef463bff2be
SSDEEP

6144:U8004aNsnQKBBYUzHJ+Qjo1Z0Jl38WkO2UX+848ytgvk5H80xJ1Gsv7V6Zx:U8FCnbLJ+90j36WGSvk5dhS

Score

1^/10

Malware Config

Signatures

Files

10ae62fd8cb4a4f627dd988450efa2af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60a476414c29cdc23b1b09a3a9ad52a7

Code Sign

d8:dc:0a:52:df:48:fc:e1:da:ab:40:24:d6:70:90:58
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

22-08-2017 00:00

Not After

14-09-2017 23:59

Subject

CN=TOV Vizard SOFT,OU=IT,O=TOV Vizard SOFT,POSTALCODE=14000,STREET=vul. Instrumentalna\, 34-V,L=Chernihiv,ST=Chernihivska,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

MapFileAndCheckSumW
MapFileAndCheckSumA

version

VerQueryValueW

setupapi

SetupGetBinaryField
SetupGetFileCompressionInfoA
SetupGetFileCompressionInfoW

kernel32

GetSystemTimeAsFileTime
CloseHandle
GetProcAddress
GetStartupInfoA
GetModuleHandleA
QueryPerformanceCounter
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCurrentThreadId
CreateFileMappingA
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetVersionExA
WriteFile
GetLastError
GetTickCount
Sleep
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

rpcrt4

NdrComplexArrayBufferSize
NdrClientInitialize
NdrClientInitializeNew
NdrClientCall2

advapi32

RegQueryValueW
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 240B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 30.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60a476414c29cdc23b1b09a3a9ad52a7

Code Sign

d8:dc:0a:52:df:48:fc:e1:da:ab:40:24:d6:70:90:58Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

imagehlp

version

setupapi

kernel32

rpcrt4

advapi32

Sections

.text Size: 224KB - Virtual size: 222KB

.idata Size: 4KB - Virtual size: 240B

.pdata Size: 348KB - Virtual size: 345KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 30.3MB

.tls Size: 4KB - Virtual size: 8B

.rsrc Size: 188KB - Virtual size: 188KB

d8:dc:0a:52:df:48:fc:e1:da:ab:40:24:d6:70:90:58
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

.text
Size: 224KB - Virtual size: 222KB

.idata
Size: 4KB - Virtual size: 240B

.pdata
Size: 348KB - Virtual size: 345KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 30.3MB

.tls
Size: 4KB - Virtual size: 8B

.rsrc
Size: 188KB - Virtual size: 188KB