2ce2d943fcacc576b7424fad47d9b8a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ce2d943fcacc576b7424fad47d9b8a1_JaffaCakes118
Size

608KB
MD5

2ce2d943fcacc576b7424fad47d9b8a1
SHA1

3fce1c0f4a9edc66bc5a900d694dac9c54cb7472
SHA256

1593cf14e0f5b0e3e4f6a65759abb8988b5f39f3d462dc6116498d8dd9f937e7
SHA512

9d34ccbbda33466af259d99614a49a9d8c811a1d029d4f73c3b9aefa2ef30a5319578a9e7318af6abc881fa80b6578a9bf6f3cd1b790ff895ce58bff9ac13e9b
SSDEEP

12288:blXfJAAzhv2SSPAGOD0MGoD0lj0wcSIUBbrtkJqxHrWf2ChZzeM3QgAzy90f:0Azhv2SSPGgMHD0ZDcQ3uJOrWf2QT3hJ

Score

1^/10

Malware Config

Signatures

Files

2ce2d943fcacc576b7424fad47d9b8a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70dfcb7f05421a411f189af5469a32d6

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:03:0f:4f:59:5e:d0
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

02/07/2014, 13:47

Not After

02/07/2015, 13:47

Subject

CN=Digital Plugin SL,O=Digital Plugin SL,L=GUIA DE ISORA,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

10:94:0f:6d:93:f9:97:f9:b5:52:43:65:4c:a7:df:22:3d:4f:60:d5
Signer

Actual PE Digest

10:94:0f:6d:93:f9:97:f9:b5:52:43:65:4c:a7:df:22:3d:4f:60:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetDC

advapi32

SetThreadToken

ole32

OleInitialize

shell32

SHGetFolderPathW

oleaut32

SystemTimeToVariantTime

shlwapi

PathFindFileNameW

gdi32

DeleteDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

dbghelp

MiniDumpWriteDump

iphlpapi

SendARP

ws2_32

WSAStartup

rpcrt4

UuidToStringA

oleacc

LresultFromObject

wininet

InternetGetLastResponseInfoW

Sections

.text
Size: 510KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70dfcb7f05421a411f189af5469a32d6

Code Sign

07Certificate

Key Usages

08:03:0f:4f:59:5e:d0Certificate

Extended Key Usages

Key Usages

10:94:0f:6d:93:f9:97:f9:b5:52:43:65:4c:a7:df:22:3d:4f:60:d5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

gdi32

comdlg32

winspool.drv

oledlg

urlmon

dbghelp

iphlpapi

ws2_32

rpcrt4

oleacc

wininet

Sections

.text Size: 510KB - Virtual size: 1.9MB

.rsrc Size: 92KB - Virtual size: 96KB

.reloc Size: 512B - Virtual size: 512B

07
Certificate

08:03:0f:4f:59:5e:d0
Certificate

10:94:0f:6d:93:f9:97:f9:b5:52:43:65:4c:a7:df:22:3d:4f:60:d5
Signer

.text
Size: 510KB - Virtual size: 1.9MB

.rsrc
Size: 92KB - Virtual size: 96KB

.reloc
Size: 512B - Virtual size: 512B