211fd20451f5f7b8b1613bf05b1f0908_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

211fd20451f5f7b8b1613bf05b1f0908_JaffaCakes118
Size

1.2MB
MD5

211fd20451f5f7b8b1613bf05b1f0908
SHA1

7062cab955b650c013230416334773bee9f80013
SHA256

03dd541b0dc0766eb19de99c6d3d27bbccfc5eb0e11ae056711bee61a67e8a9d
SHA512

21e5382f17b52b357166f5d31710031b1c25fd358c1fb99bb12118b7682aebdcedacc9f905150c7894e8005f9891c900db6504734060dfd9093f69c709917961
SSDEEP

24576:e6cWC3bY3O4quMYSPPAzSanJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJz:jcWCLWxMfHAzrJJJJJJJJJJJJJJJJJJz

Score

1^/10

Malware Config

Signatures

Files

211fd20451f5f7b8b1613bf05b1f0908_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f31299d04497b4d5a9537080ac73d2ad

Code Sign

01
Certificate

Issuer

CN=AereoControls,O=StarCina Corp.,C=CN

Not Before

30-01-2019 21:23

Not After

29-01-2021 21:23

Subject

CN=AereoControls,O=StarCina Corp.,C=CN

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b7:18:5d:86:da:10:0f:00:ea:18:11:02:7f:c5:04:69:3e:50:5f:2a:d3:69:3f:a9:a7:1d:af:38:d9:eb:fe:38
Signer

Actual PE Digest

b7:18:5d:86:da:10:0f:00:ea:18:11:02:7f:c5:04:69:3e:50:5f:2a:d3:69:3f:a9:a7:1d:af:38:d9:eb:fe:38

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord516
_adj_fprem1
__vbaSetSystemError
__vbaLenBstrB
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord520
__vbaFpR8
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaAryConstruct2
__vbaVarTstEq
DllFunctionCall
__vbaLbound
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaStrToAnsi
ord616
ord617
_CIatan
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 768KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f31299d04497b4d5a9537080ac73d2ad

Code Sign

01Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

b7:18:5d:86:da:10:0f:00:ea:18:11:02:7f:c5:04:69:3e:50:5f:2a:d3:69:3f:a9:a7:1d:af:38:d9:eb:fe:38Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 768KB - Virtual size: 764KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 396KB - Virtual size: 393KB

01
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

b7:18:5d:86:da:10:0f:00:ea:18:11:02:7f:c5:04:69:3e:50:5f:2a:d3:69:3f:a9:a7:1d:af:38:d9:eb:fe:38
Signer

.text
Size: 768KB - Virtual size: 764KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 396KB - Virtual size: 393KB