3c297d97bb9a9258e1060e18af923ed7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c297d97bb9a9258e1060e18af923ed7_JaffaCakes118
Size

865KB
MD5

3c297d97bb9a9258e1060e18af923ed7
SHA1

218bc0b0bb077c6ec3e756700abd3276e33be205
SHA256

9da45d2cf0dee5d3d0bbdc08eb555085eb42e8205bfdb7c36ad96664a4b41b25
SHA512

d3e3cbd86d1dfd94420585a46375b15be627261daa918fc1845ad82264f40217e73634b0691c34f3f28dd64cf9e037b05efcbfe9e53d9747c9ad7c941df55fec
SSDEEP

24576:lfmBMFgDdvynsMIv6zfDhJUoQHifC7T3WDNyp+DY:lfmB3JvV/vStJ2C63WZypp

Score

1^/10

Malware Config

Signatures

Files

3c297d97bb9a9258e1060e18af923ed7_JaffaCakes118
.zip
_flux-b13!-2018!-hack-by-juuzze.zip
.zip
flux-b13!-2018!-hack-by-juuzze_dTskB.exe
.exe windows:4 windows x86 arch:x86

9e42849c0eaa8fe7b62b6bb144763770

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

04-06-2018 00:00

Not After

16-06-2018 23:59

Subject

CN=TIFFANI,O=TIFFANI,POSTALCODE=420083,STREET=ul Rashida Nezhmetdinova d2 kv45,L=Kazan,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetFileCompressionInfoW
SetupGetFileCompressionInfoA
SetupDecompressOrCopyFileW
SetupGetBinaryField

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetLastError
CreateFileMappingA
GetACP
CloseHandle
FreeLibrary
GetQueuedCompletionStatus
GlobalFlags
GetTimeZoneInformation
InterlockedExchange
SetEndOfFile
GetShortPathNameA
lstrcmpiA
SetCurrentDirectoryW
FlushFileBuffers
GlobalFindAtomW
GetTimeFormatA
MulDiv
GlobalUnlock
GetExitCodeThread
OpenProcess
RaiseException
CreateDirectoryA
FindNextFileA
GetDriveTypeW
SizeofResource
GetSystemDirectoryW
GetExitCodeProcess
GetSystemInfo
CompareFileTime
CreateThread
GetProcAddress
GetVersion
GetVersionExA
GetModuleHandleA
VirtualProtect
GetCommandLineW
SetLastError
GetTickCount
IsBadReadPtr
GetStringTypeW
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree

user32

GetSystemMetrics

shell32

ShellExecuteW
SHGetFileInfoA
Shell_NotifyIconW

Sections

.text
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e42849c0eaa8fe7b62b6bb144763770

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06Certificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

setupapi

kernel32

user32

shell32

Sections

.text Size: 728KB - Virtual size: 726KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 204KB - Virtual size: 205KB

.tls Size: 4KB - Virtual size: 8B

.rsrc Size: 304KB - Virtual size: 301KB

.reloc Size: 8KB - Virtual size: 4KB

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

.text
Size: 728KB - Virtual size: 726KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 204KB - Virtual size: 205KB

.tls
Size: 4KB - Virtual size: 8B

.rsrc
Size: 304KB - Virtual size: 301KB

.reloc
Size: 8KB - Virtual size: 4KB