2321c74a4717c97cef81c0ae1c900a96_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2321c74a4717c97cef81c0ae1c900a96_JaffaCakes118
Size

354KB
MD5

2321c74a4717c97cef81c0ae1c900a96
SHA1

da05a8422f48889e7b846790436c70255b0abb49
SHA256

13b21fd13347d4fdc9c476601e5a7ccaaae97a1e84828a399a470eb525fbe415
SHA512

9ad952d77a85c4ef746dda6e495a6d03f43c5b47bc18262cde6fc023afca62070aa621d20d3aa6d8a8b24a2221fc995ca6ee240e02bf60deb26fd335312bb686
SSDEEP

6144:y3KmneD0IjspM9wqoLVj37S5fixyufIBZ92Vn80lwShnm+XvDnTMqO51lxnCfueV:y66eDhjcVS5fi5fIp2VnfllRmgvDnT4M

Score

1^/10

Malware Config

Signatures

Files

2321c74a4717c97cef81c0ae1c900a96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

557ebe3be24fbb83c712781056c65714

Code Sign

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-02-2015 00:00

Not After

25-02-2016 23:59

Subject

CN=Consortium Group ltd,O=Consortium Group ltd,POSTALCODE=00152,STREET=CORNER OF GR.MARLBOROUGH UN GR.GEORGE STR.+STREET=3RD FLOOR\, C&h TOWERS\,,L=ROSEAU,ST=ROSEAU,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

97:3b:42:5c:21:f5:3f:41:41:f2:6c:16:2f:27:d5:36:b1:e1:0d:0b
Signer

Actual PE Digest

97:3b:42:5c:21:f5:3f:41:41:f2:6c:16:2f:27:d5:36:b1:e1:0d:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Write
ord17

wininet

InternetOpenA
InternetCloseHandle
HttpEndRequestA

kernel32

lstrcmpiA
GetModuleHandleW
ReadFile
GetLastError
DeleteFileW
GetCurrentProcess
GetUserDefaultLangID
CreateThread
QueryPerformanceCounter
CloseHandle
GetCurrentProcessId
GetTempPathW
CreateDirectoryW
GetTempPathA
GetSystemInfo
GetStringTypeExA
FreeResource
InterlockedIncrement
LoadLibraryA
GetSystemTimeAsFileTime
SetCurrentDirectoryW
CreateFileA
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
HeapFree
SetFilePointer
SetEndOfFile
MultiByteToWideChar
VirtualAlloc
ExitProcess
WriteFile
SetErrorMode
GetVersion
GetTickCount
GetCommandLineA
GetStartupInfoA
GetVersionExA
GetModuleHandleA
GetProcAddress
GetACP
GetCurrentThreadId
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
CreateFileMappingA

user32

ShowWindow
IsZoomed
LoadIconW
LoadCursorW
RegisterClassW
CreateWindowExW
GetWindowPlacement
GetWindowTextA
GetWindowThreadProcessId
IntersectRect
IsWindowEnabled
IsWindowVisible
GetWindowRect
CharNextW
RegisterClassExA
MessageBoxA
CreateWindowExA
GetSystemMetrics

gdi32

GetLogColorSpaceW
SetAbortProc
DeleteMetaFile
OffsetWindowOrgEx
CreateFontIndirectA
DeleteEnhMetaFile
SetEnhMetaFileBits
SetPixel
SetROP2
StretchBlt
UnrealizeObject
Rectangle
GetStockObject

comdlg32

ReplaceTextW

advapi32

AllocateAndInitializeSid
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc

oleaut32

SafeArrayCreate
VariantInit
VariantChangeType

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

557ebe3be24fbb83c712781056c65714

Code Sign

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4Certificate

Extended Key Usages

Key Usages

97:3b:42:5c:21:f5:3f:41:41:f2:6c:16:2f:27:d5:36:b1:e1:0d:0bSigner

Headers

File Characteristics

Imports

comctl32

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 284KB - Virtual size: 282KB

.data Size: 32KB - Virtual size: 30KB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 28KB - Virtual size: 26KB

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4
Certificate

97:3b:42:5c:21:f5:3f:41:41:f2:6c:16:2f:27:d5:36:b1:e1:0d:0b
Signer

.text
Size: 284KB - Virtual size: 282KB

.data
Size: 32KB - Virtual size: 30KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 28KB - Virtual size: 26KB