45b56c0fcc8049d40f86dbcf13b9345a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45b56c0fcc8049d40f86dbcf13b9345a_JaffaCakes118
Size

11.5MB
MD5

45b56c0fcc8049d40f86dbcf13b9345a
SHA1

e26a1ccb13ddc51237eb2643388155358cf186d0
SHA256

41933517f50be94511bd9a9b31c4037d08b58f874413c6c80951c948fca3b5ff
SHA512

0733375400457f1836d4ad69686108566dca43561718ed60c12c314c7e71e86a624e3255b1c558ad84d6589ff8e05d3384fa67473d4f88b491fb8f5d77777eff
SSDEEP

196608:Eh1DOrcLguDWjAeiE0RdLmMX27b9REp9xLtpofc24hpUWqAT8+GYk0EECF:u16rcLguDWjby1m/6xgohpUWqATWYkRN

Score

1^/10

Malware Config

Signatures

Files

45b56c0fcc8049d40f86dbcf13b9345a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Code Sign

84:a3:d5:b8:c9:b8:f4:73
Certificate

Issuer

CN=Itau Unibanco S.A.,OU=Itau Unibanco S.A.,O=Itau Unibanco S.A.,L=Sao Paulo,ST=Sao Paulo,C=BR,1.2.840.113549.1.9.1=#0c10696e666f40697461752e636f6d2e6272

Not Before

30/07/2016, 14:39

Not After

30/07/2021, 14:39

Subject

CN=Itau Unibanco S.A.,OU=Itau Unibanco S.A.,O=Itau Unibanco S.A.,L=Sao Paulo,ST=Sao Paulo,C=BR,1.2.840.113549.1.9.1=#0c10696e666f40697461752e636f6d2e6272

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:fc:02:ff:a6:e5:0b:93:56:af:3c:5f:8a:9c:9e:6d:2d:99:da:5d
Signer

Actual PE Digest

15:fc:02:ff:a6:e5:0b:93:56:af:3c:5f:8a:9c:9e:6d:2d:99:da:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept

Sections

Size: 998KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.5MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2.5MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 394KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

84:a3:d5:b8:c9:b8:f4:73Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4cCertificate

Extended Key Usages

Key Usages

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91Certificate

Key Usages

15:fc:02:ff:a6:e5:0b:93:56:af:3c:5f:8a:9c:9e:6d:2d:99:da:5dSigner

Headers

File Characteristics

Exports

Exports

Sections

Size: 998KB - Virtual size: 3.8MB

Size: 5KB - Virtual size: 12KB

Size: 25KB - Virtual size: 76KB

Size: - Virtual size: 24KB

Size: 15KB - Virtual size: 20KB

Size: 1024B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 296KB

.rsrc Size: 7.5MB - Virtual size: 9.0MB

Size: 2.5MB - Virtual size: 12.2MB

.data Size: 394KB - Virtual size: 396KB

.adata Size: - Virtual size: 4KB

84:a3:d5:b8:c9:b8:f4:73
Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

15:fc:02:ff:a6:e5:0b:93:56:af:3c:5f:8a:9c:9e:6d:2d:99:da:5d
Signer

.rsrc
Size: 7.5MB - Virtual size: 9.0MB

.data
Size: 394KB - Virtual size: 396KB

.adata
Size: - Virtual size: 4KB