3d46f267f6bddbdadc3d2b2347c296c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d46f267f6bddbdadc3d2b2347c296c8_JaffaCakes118
Size

933KB
MD5

3d46f267f6bddbdadc3d2b2347c296c8
SHA1

01282997fdf1c74d56ca13ed0bec7a8a76dee219
SHA256

dc8b60a2ab5ac7f0d3af0795277aaa4e8deb868900030189ebb5efde762c9736
SHA512

9d00cfae16fcc1426e37fd860dced3b4904c397043d280053f942476a6769060f2f8e83d81080fa8784265b0d318a69f5cb88a330e89a54174d34e731626c05d
SSDEEP

24576:4e5lnYs5IdeoAgFILuEL1jI9T66666669E:xYYI2SEL1jIR

Score

1^/10

Malware Config

Signatures

Files

3d46f267f6bddbdadc3d2b2347c296c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6e3bc90785d6236e9fbd54f4cae805c

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b3:70:0e:ab:ca:a6:a7:ca:4d:61:5a:a3:4d:a7:c5:de
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/06/2016, 00:00

Not After

14/06/2017, 23:59

Subject

CN=Finance AI TI,O=Finance AI TI,POSTALCODE=107031,STREET=Kuznetsky Most street 18/7,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c8:d4:4c:ce:69:cb:e0:ef:a5:69:ef:3e:c2:58:87:51:91:9a:75:86:3f:84:85:bf:5d:dc:19:5e:09:10:fc:6a
Signer

Actual PE Digest

c8:d4:4c:ce:69:cb:e0:ef:a5:69:ef:3e:c2:58:87:51:91:9a:75:86:3f:84:85:bf:5d:dc:19:5e:09:10:fc:6a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
ExitProcess
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReleaseSemaphore
Sleep
DeleteCriticalSection
TerminateThread
LoadLibraryExW
CreateMutexA
ResetEvent
CloseHandle
OpenEventA
ResumeThread
GetFileSize
GetModuleHandleA
FreeLibrary
GetProcAddress
LockResource
CreateEventA
VirtualAllocEx
GetThreadPriority
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
WriteFile
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
MultiByteToWideChar
LCMapStringA

user32

DestroyWindow
CreateDesktopA
ReleaseDC
GetDC
LoadImageA
PostMessageA
ShowWindow
SwitchDesktop
EnableWindow

gdi32

SetPixel

ole32

CoInitialize
CoUninitialize

oleaut32

VariantInit

ws2_32

closesocket

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ISYX3
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6e3bc90785d6236e9fbd54f4cae805c

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

b3:70:0e:ab:ca:a6:a7:ca:4d:61:5a:a3:4d:a7:c5:deCertificate

Extended Key Usages

Key Usages

c8:d4:4c:ce:69:cb:e0:ef:a5:69:ef:3e:c2:58:87:51:91:9a:75:86:3f:84:85:bf:5d:dc:19:5e:09:10:fc:6aSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

ws2_32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 336KB - Virtual size: 334KB

.data Size: 488KB - Virtual size: 492KB

.ISYX3 Size: 4KB - Virtual size: 2KB

.tls Size: 12KB - Virtual size: 9KB

.rsrc Size: 44KB - Virtual size: 44KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

b3:70:0e:ab:ca:a6:a7:ca:4d:61:5a:a3:4d:a7:c5:de
Certificate

c8:d4:4c:ce:69:cb:e0:ef:a5:69:ef:3e:c2:58:87:51:91:9a:75:86:3f:84:85:bf:5d:dc:19:5e:09:10:fc:6a
Signer

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 336KB - Virtual size: 334KB

.data
Size: 488KB - Virtual size: 492KB

.ISYX3
Size: 4KB - Virtual size: 2KB

.tls
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 44KB - Virtual size: 44KB