2ea1e8b7dd42d7e356408b2960e72fc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ea1e8b7dd42d7e356408b2960e72fc7_JaffaCakes118
Size

230KB
MD5

2ea1e8b7dd42d7e356408b2960e72fc7
SHA1

57986cfc052e3d2ea4692661781fe2ad713d8773
SHA256

525777b0310cc318e334716b333751eca36e246589350c5377329b19372ad753
SHA512

a0b19cc114d0779b8a000bb3b1cc5a9137ddbfa4455763164414f00866ef0d2b90c5aa0e6535c10dde20a433434135a0d6b1d95a47a1b6f6cb2aad1503e2f254
SSDEEP

3072:U4n7iuOKpbRi2daM2rTXOo0kjS+h3C4wVe3yewgGCkZ3n4nMFdyF:j77bzdaFOoJfwoFwgFkZ34nMF0

Score

1^/10

Malware Config

Signatures

Files

2ea1e8b7dd42d7e356408b2960e72fc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c0bd7a835fc949de4fbfb58383964c1

Code Sign

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:31:89:c6:37:e8
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

02/08/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:2c:cb:a9:49:bb:94:24:e9:8f:41:6f:ad:41
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

02/08/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:54:b8:7f:1e:14:53:ad:37:fa:a1:78
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

19/02/2018, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for MS Authenticode advanced - G2

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:12:06:35:ed:eb:e9:6f:75:80:a7:6f:c7:a2:47:b1:2d
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

19/02/2016, 06:36

Not After

19/05/2019, 07:18

Subject

CN=UBcare Co.\,Ltd.,OU=Dev Team,O=UBcare Co.\,Ltd.,L=Guro-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

db:2d:bd:93:ec:91:fd:fc:f4:50:8c:d5:5c:53:f7:25:09:c2:a9:1f:69:c9:c4:b8:54:60:df:29:70:e1:83:d3
Signer

Actual PE Digest

db:2d:bd:93:ec:91:fd:fc:f4:50:8c:d5:5c:53:f7:25:09:c2:a9:1f:69:c9:c4:b8:54:60:df:29:70:e1:83:d3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord691
ord588
ord696
MethCallEngine
ord513
ord516
ord517
ord519
ord660
ord662
ord556
ord557
ord595
ord598
ord599
ord520
ord631
ord525
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
ord560
DllFunctionCall
ord670
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord531
ord716
ord717
ProcCallEngine
ord644
ord537
ord645
ord573
ord681
ord685
ord100
ord616
ord617
ord618
ord619
ord546
ord580
ord581

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c0bd7a835fc949de4fbfb58383964c1

Code Sign

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

04:00:00:00:00:01:31:89:c6:37:e8Certificate

Extended Key Usages

Key Usages

47:2c:cb:a9:49:bb:94:24:e9:8f:41:6f:ad:41Certificate

Extended Key Usages

Key Usages

24:54:b8:7f:1e:14:53:ad:37:fa:a1:78Certificate

Extended Key Usages

Key Usages

11:21:12:06:35:ed:eb:e9:6f:75:80:a7:6f:c7:a2:47:b1:2dCertificate

Extended Key Usages

Key Usages

db:2d:bd:93:ec:91:fd:fc:f4:50:8c:d5:5c:53:f7:25:09:c2:a9:1f:69:c9:c4:b8:54:60:df:29:70:e1:83:d3Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 216KB - Virtual size: 214KB

.data Size: - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 3KB

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:31:89:c6:37:e8
Certificate

47:2c:cb:a9:49:bb:94:24:e9:8f:41:6f:ad:41
Certificate

24:54:b8:7f:1e:14:53:ad:37:fa:a1:78
Certificate

11:21:12:06:35:ed:eb:e9:6f:75:80:a7:6f:c7:a2:47:b1:2d
Certificate

db:2d:bd:93:ec:91:fd:fc:f4:50:8c:d5:5c:53:f7:25:09:c2:a9:1f:69:c9:c4:b8:54:60:df:29:70:e1:83:d3
Signer

.text
Size: 216KB - Virtual size: 214KB

.data
Size: - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 3KB