2a4a6c3440f3ec27ea7b2ec417808445_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a4a6c3440f3ec27ea7b2ec417808445_JaffaCakes118
Size

250KB
MD5

2a4a6c3440f3ec27ea7b2ec417808445
SHA1

42fc9324e3b01c82fb3da9652d0749c978b24761
SHA256

8c7f028a77770997c96eb73179671987ce6bc90f4fc756fb107ee05fb89424e2
SHA512

99e738a7ac4986d04e6f52b155b88d4a374bd2afee9850ceb11a7e653431b77266dc9f4a296b7f71028daf3b21909144f6fbe3afbbbce72c931b8be2272c5614
SSDEEP

3072:7K7BCmWrTezJgNNPAAcXVBSdsuwC0A8HdWBVm:7K9CmWrTe1kFArFBcsuwn9MVm

Score

1^/10

Malware Config

Signatures

Files

2a4a6c3440f3ec27ea7b2ec417808445_JaffaCakes118
.dll windows:5 windows x86 arch:x86

92c5ab3499a947adf70ba853c19366a8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:bb:43:7d:60:98:66:28:6d:d8:39:e1:d0:03:09:f5
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02/09/2011, 00:00

Not After

01/09/2014, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:83:8d:f1:9c:1c:3a:1a:6e:9d:41:23:72:ab:e4:c2:c3:cc:b0:ef
Signer

Actual PE Digest

1a:83:8d:f1:9c:1c:3a:1a:6e:9d:41:23:72:ab:e4:c2:c3:cc:b0:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
LocalFree
GetProcAddress
FreeLibrary
QueryPerformanceCounter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
SwitchToThread
GetLastError
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapCreate
LocalAlloc
GetSystemDirectoryW
CreateFileW
GetModuleHandleW
SetLastError
LoadLibraryExW
GetModuleFileNameW
ExitProcess
DecodePointer
EncodePointer
GetCommandLineA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
WriteFile
GetStdHandle
IsProcessorFeaturePresent
HeapSize
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringW
MultiByteToWideChar
GetStringTypeW
WriteConsoleW

Exports

Exports

NvOptimusEnablementCuda
__cudaInitManagedRuntime
__cudaInitModule
__cudaRegisterDeviceFunction
__cudaRegisterFatBinary
__cudaRegisterFunction
__cudaRegisterManagedVar
__cudaRegisterPrelinkedFatBinary
__cudaRegisterShared
__cudaRegisterSharedVar
__cudaRegisterSurface
__cudaRegisterTexture
__cudaRegisterVar
__cudaUnregisterFatBinary
cudaArrayGetInfo
cudaBindSurfaceToArray
cudaBindTexture
cudaBindTexture2D
cudaBindTextureToArray
cudaBindTextureToMipmappedArray
cudaChooseDevice
cudaConfigureCall
cudaCreateChannelDesc
cudaCreateSurfaceObject
cudaCreateTextureObject
cudaD3D10GetDevice
cudaD3D10GetDevices
cudaD3D10GetDirect3DDevice
cudaD3D10MapResources
cudaD3D10RegisterResource
cudaD3D10ResourceGetMappedArray
cudaD3D10ResourceGetMappedPitch
cudaD3D10ResourceGetMappedPointer
cudaD3D10ResourceGetMappedSize
cudaD3D10ResourceGetSurfaceDimensions
cudaD3D10ResourceSetMapFlags
cudaD3D10SetDirect3DDevice
cudaD3D10UnmapResources
cudaD3D10UnregisterResource
cudaD3D11GetDevice
cudaD3D11GetDevices
cudaD3D11GetDirect3DDevice
cudaD3D11SetDirect3DDevice
cudaD3D9Begin
cudaD3D9End
cudaD3D9GetDevice
cudaD3D9GetDevices
cudaD3D9GetDirect3DDevice
cudaD3D9MapResources
cudaD3D9MapVertexBuffer
cudaD3D9RegisterResource
cudaD3D9RegisterVertexBuffer
cudaD3D9ResourceGetMappedArray
cudaD3D9ResourceGetMappedPitch
cudaD3D9ResourceGetMappedPointer
cudaD3D9ResourceGetMappedSize
cudaD3D9ResourceGetSurfaceDimensions
cudaD3D9ResourceSetMapFlags
cudaD3D9SetDirect3DDevice
cudaD3D9UnmapResources
cudaD3D9UnmapVertexBuffer
cudaD3D9UnregisterResource
cudaD3D9UnregisterVertexBuffer
cudaDestroySurfaceObject
cudaDestroyTextureObject
cudaDeviceCanAccessPeer
cudaDeviceDisablePeerAccess
cudaDeviceEnablePeerAccess
cudaDeviceGetAttribute
cudaDeviceGetByPCIBusId
cudaDeviceGetCacheConfig
cudaDeviceGetLimit
cudaDeviceGetPCIBusId
cudaDeviceGetSharedMemConfig
cudaDeviceGetStreamPriorityRange
cudaDeviceReset
cudaDeviceSetCacheConfig
cudaDeviceSetLimit
cudaDeviceSetSharedMemConfig
cudaDeviceSynchronize
cudaDriverGetVersion
cudaEventCreate
cudaEventCreateWithFlags
cudaEventDestroy
cudaEventElapsedTime
cudaEventQuery
cudaEventRecord
cudaEventSynchronize
cudaFree
cudaFreeArray
cudaFreeHost
cudaFreeMipmappedArray
cudaFuncGetAttributes
cudaFuncSetCacheConfig
cudaFuncSetSharedMemConfig
cudaGLGetDevices
cudaGLMapBufferObject
cudaGLMapBufferObjectAsync
cudaGLRegisterBufferObject
cudaGLSetBufferObjectMapFlags
cudaGLSetGLDevice
cudaGLUnmapBufferObject
cudaGLUnmapBufferObjectAsync
cudaGLUnregisterBufferObject
cudaGetChannelDesc
cudaGetDevice
cudaGetDeviceCount
cudaGetDeviceProperties
cudaGetErrorString
cudaGetExportTable
cudaGetLastError
cudaGetMipmappedArrayLevel
cudaGetSurfaceObjectResourceDesc
cudaGetSurfaceReference
cudaGetSymbolAddress
cudaGetSymbolSize
cudaGetTextureAlignmentOffset
cudaGetTextureObjectResourceDesc
cudaGetTextureObjectResourceViewDesc
cudaGetTextureObjectTextureDesc
cudaGetTextureReference
cudaGraphicsD3D10RegisterResource
cudaGraphicsD3D11RegisterResource
cudaGraphicsD3D9RegisterResource
cudaGraphicsGLRegisterBuffer
cudaGraphicsGLRegisterImage
cudaGraphicsMapResources
cudaGraphicsResourceGetMappedMipmappedArray
cudaGraphicsResourceGetMappedPointer
cudaGraphicsResourceSetMapFlags
cudaGraphicsSubResourceGetMappedArray
cudaGraphicsUnmapResources
cudaGraphicsUnregisterResource
cudaHostAlloc
cudaHostGetDevicePointer
cudaHostGetFlags
cudaHostRegister
cudaHostUnregister
cudaIpcCloseMemHandle
cudaIpcGetEventHandle
cudaIpcGetMemHandle
cudaIpcOpenEventHandle
cudaIpcOpenMemHandle
cudaLaunch
cudaMalloc
cudaMalloc3D
cudaMalloc3DArray
cudaMallocArray
cudaMallocHost
cudaMallocManaged
cudaMallocMipmappedArray
cudaMallocPitch
cudaMemGetInfo
cudaMemcpy
cudaMemcpy2D
cudaMemcpy2DArrayToArray
cudaMemcpy2DAsync
cudaMemcpy2DFromArray
cudaMemcpy2DFromArrayAsync
cudaMemcpy2DToArray
cudaMemcpy2DToArrayAsync
cudaMemcpy3D
cudaMemcpy3DAsync
cudaMemcpy3DPeer
cudaMemcpy3DPeerAsync
cudaMemcpyArrayToArray
cudaMemcpyAsync
cudaMemcpyFromArray
cudaMemcpyFromArrayAsync
cudaMemcpyFromSymbol
cudaMemcpyFromSymbolAsync
cudaMemcpyPeer
cudaMemcpyPeerAsync
cudaMemcpyToArray
cudaMemcpyToArrayAsync
cudaMemcpyToSymbol
cudaMemcpyToSymbolAsync
cudaMemset
cudaMemset2D
cudaMemset2DAsync
cudaMemset3D
cudaMemset3DAsync
cudaMemsetAsync
cudaPeekAtLastError
cudaPointerGetAttributes
cudaProfilerInitialize
cudaProfilerStart
cudaProfilerStop
cudaRuntimeGetVersion
cudaSetDevice
cudaSetDeviceFlags
cudaSetDoubleForDevice
cudaSetDoubleForHost
cudaSetValidDevices
cudaSetupArgument
cudaStreamAddCallback
cudaStreamAttachMemAsync
cudaStreamCreate
cudaStreamCreateWithFlags
cudaStreamCreateWithPriority
cudaStreamDestroy
cudaStreamGetFlags
cudaStreamGetPriority
cudaStreamQuery
cudaStreamSynchronize
cudaStreamWaitEvent
cudaThreadExit
cudaThreadGetCacheConfig
cudaThreadGetLimit
cudaThreadSetCacheConfig
cudaThreadSetLimit
cudaThreadSynchronize
cudaUnbindTexture
cudaWGLGetDevice

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92c5ab3499a947adf70ba853c19366a8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

43:bb:43:7d:60:98:66:28:6d:d8:39:e1:d0:03:09:f5Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

1a:83:8d:f1:9c:1c:3a:1a:6e:9d:41:23:72:ab:e4:c2:c3:cc:b0:efSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 10KB - Virtual size: 9KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

43:bb:43:7d:60:98:66:28:6d:d8:39:e1:d0:03:09:f5
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

1a:83:8d:f1:9c:1c:3a:1a:6e:9d:41:23:72:ab:e4:c2:c3:cc:b0:ef
Signer

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 10KB - Virtual size: 9KB