436c925ddbdc96618c5c7af68f65c9ac_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

436c925ddbdc96618c5c7af68f65c9ac_JaffaCakes118
Size

210KB
MD5

436c925ddbdc96618c5c7af68f65c9ac
SHA1

63cd53aa72648443683592c822bfd2c207f853a3
SHA256

22a63e34383b905206848ac7aaa332d47fb3aed7d2c9909d3ddd5d3f62b77bae
SHA512

0cdd5e2ea6a17a2eda296c88b2a1642d016d3849b7a241a58a6483c2f276f71dab348006af1c99e18cd08da0170bda4e2d5729272650e17d4daf30529268040a
SSDEEP

6144:qOTu0w+ojrQfbDzng4D3bdbvs1C8/ehoraNUXeKBh:qOTu0w+ojrQfbXng4bbdoh

Score

1^/10

Malware Config

Signatures

Files

436c925ddbdc96618c5c7af68f65c9ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dfb94430efcfce8629226f11e19f422c

Code Sign

f3:9f:5e:50:96:77:9b:72:82:2c:f8:38:11:66:a4:32
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Digit Network (Extreme White Limited),O=Digit Network (Extreme White Limited),POSTALCODE=2373,STREET=Tassou Papadopulu 6 (flat/office 22),L=Nicosia,ST=Agios Dometios,C=CY

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:39:10:fa:de:9a:3c:bd:01:b0:3e:f9:11:9f:94:9f:ca:57:ba:8a
Signer

Actual PE Digest

46:39:10:fa:de:9a:3c:bd:01:b0:3e:f9:11:9f:94:9f:ca:57:ba:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cross\Desktop\compilation_bot_area\updaters-and-utils\utils\multiget\Release\multiget.pdb

Imports

wininet

InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
InternetSetOptionW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetCrackUrlW
InternetOpenW

kernel32

SetStdHandle
SetFilePointerEx
GetStringTypeW
GetCurrentProcess
GetModuleFileNameW
GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualProtect
WriteProcessMemory
PeekNamedPipe
GetTickCount
Sleep
GetMailslotInfo
GetLastError
WriteConsoleW
InitializeCriticalSection
GetTimeZoneInformation
DeleteCriticalSection
FileTimeToDosDateTime
CreateFileA
WaitForSingleObject
WriteFile
LeaveCriticalSection
GetNamedPipeInfo
ReadFile
GetTempPathW
EnterCriticalSection
CreatePipe
CreateFileW
GetDiskFreeSpaceW
OpenThread
FindNextFileW
FlushFileBuffers
SetEndOfFile
GetFileType
ExitProcess
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
InterlockedDecrement
ReadConsoleW
GetModuleHandleExW
MultiByteToWideChar
HeapSize
GetStdHandle
HeapFree
HeapAlloc
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetConsoleCP
GetConsoleMode
CloseHandle
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
OutputDebugStringW
LoadLibraryW
LCMapStringW

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 32.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb94430efcfce8629226f11e19f422c

Code Sign

f3:9f:5e:50:96:77:9b:72:82:2c:f8:38:11:66:a4:32Certificate

Extended Key Usages

Key Usages

46:39:10:fa:de:9a:3c:bd:01:b0:3e:f9:11:9f:94:9f:ca:57:ba:8aSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

kernel32

advapi32

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 6KB - Virtual size: 32.0MB

.rsrc Size: 15KB - Virtual size: 15KB

f3:9f:5e:50:96:77:9b:72:82:2c:f8:38:11:66:a4:32
Certificate

46:39:10:fa:de:9a:3c:bd:01:b0:3e:f9:11:9f:94:9f:ca:57:ba:8a
Signer

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 6KB - Virtual size: 32.0MB

.rsrc
Size: 15KB - Virtual size: 15KB