418611ef5f3a9e37bc07b1a2c2bffd53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

418611ef5f3a9e37bc07b1a2c2bffd53_JaffaCakes118
Size

113KB
MD5

418611ef5f3a9e37bc07b1a2c2bffd53
SHA1

4a785f93c8018661070f2e05fe7d6b585ac36dc9
SHA256

10d040be2fc6962963fcc5cd05e73467fe08c6fa4efd8de16ebd5878d5bc6182
SHA512

3f3280e1772f8a04c853726781d570a6fd6f7cbc265a5e73a28aaa22bbb8cbba0d9e2852cd1d89c99f09387c305f646648d2cfe4c455ca733f0ea79a00a0d152
SSDEEP

3072:POvEwbEp5kwwhw/zO0lGVJ5I/JhOUvwrhUN9Pa5:P+EQEbkws0zO2Gf5gDq

Score

1^/10

Malware Config

Signatures

Files

418611ef5f3a9e37bc07b1a2c2bffd53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/01/2014, 00:00

Not After

24/01/2015, 23:59

Subject

CN=INFORMATSIONNYE TEKHNOLOGII\, OOO,O=INFORMATSIONNYE TEKHNOLOGII\, OOO,POSTALCODE=109004,STREET=4-6 str. 3\, per. Nikoloyamski,L=Moscow,ST=Moscow region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetEnvironmentStrings
TlsSetValue
HeapFree
GetVersionExW
LocalFree
LCMapStringW
GetTickCount
lstrlenW
GetModuleHandleA
SetUnhandledExceptionFilter
UnmapViewOfFile
LoadLibraryExW
WaitForSingleObject
SetHandleCount
LoadLibraryW
FreeLibrary
GetLocaleInfoA
GetStartupInfoA
CancelIo
ExitProcess
InterlockedDecrement
lstrcmpiW
GetLastError
HeapSize
TlsGetValue
FindClose
TlsFree
FreeEnvironmentStringsW
GetModuleHandleW
GlobalFree
GetProcessHeap
Sleep
GetCPInfo
GetCommandLineA

user32

CreateWindowExA
CopyRect
PostMessageA
SetDlgItemTextW
RegisterWindowMessageW
BeginPaint
SendDlgItemMessageW
SetWindowLongW
OffsetRect
CharNextA
CallWindowProcW
PtInRect
MessageBoxA
MoveWindow
SetForegroundWindow
LoadImageW
EnableWindow

gdi32

UnrealizeObject
SelectPalette
StretchBlt
ExtSelectClipRgn
SetWindowExtEx
DeleteDC
CreateDIBSection
SelectObject
SetViewportExtEx
SaveDC
OffsetRgn
GetTextMetricsW

advapi32

FreeSid
ChangeServiceConfigW
UpdateTraceW
CryptAcquireContextA
CryptAcquireContextW
ProcessTrace
RegDeleteValueW
RegEnumValueW
CryptReleaseContext
RegOpenKeyExA
OpenServiceW
CheckTokenMembership
GetSidIdentifierAuthority
CryptImportKey
GetSidSubAuthorityCount
RegQueryInfoKeyW
OpenSCManagerW
OpenTraceW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 11KB - Virtual size: 10KB

bss Size: 7KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 11KB - Virtual size: 10KB

bss
Size: 7KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB