4e9397ae74f0245140eb94d659d2ff47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4e9397ae74f0245140eb94d659d2ff47_JaffaCakes118
Size

135KB
MD5

4e9397ae74f0245140eb94d659d2ff47
SHA1

861bf15926eb1edec442eabd6e41810d09db361f
SHA256

1064f62ed3d32a29433b593231bcea56fa28bad80e8822c82a238b586be8ad5f
SHA512

6ea278555142e093e09a69d2690586f6193dd19a2e388d558bc7d96c06d187b7d902cde312452b8f7e41c65c8f79e42363676b2a0bf4522a8a619afe21804e74
SSDEEP

3072:6bPiQ+1HzW2mDX9qU4mcH+j8KwN3fAgd0:6bPqTCcUgH9NPJd0

Score

1^/10

Malware Config

Signatures

Files

4e9397ae74f0245140eb94d659d2ff47_JaffaCakes118
.dll windows:5 windows x86 arch:x86

debbcfb8f680367ffffcb4d4b1fdae06

Code Sign

66:23:fa:fc:ac:35:75:77:a3:1d:90:c1:e5:67:e9:a7
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

17/11/2014, 00:00

Not After

17/11/2015, 23:59

Subject

CN=BadFinger Project (BrightCircle Investments Limited),O=BadFinger Project (BrightCircle Investments Limited),POSTALCODE=2025,STREET=Dasoupoli Strovolos+STREET=Athinodorou 3,L=Nicosia,ST=Cyprus,C=CY

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

91:a4:50:06:ba:03:5f:5e:c6:51:93:56:4e:23:e4:c0:34:1e:c9:48
Signer

Actual PE Digest

91:a4:50:06:ba:03:5f:5e:c6:51:93:56:4e:23:e4:c0:34:1e:c9:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
InitializeCriticalSection
LoadLibraryW
Sleep
LeaveCriticalSection
GetMailslotInfo
GetTimeZoneInformation
CreateFileW
ReleaseSemaphore
GetLastError
GetModuleHandleW
GetProcAddress
EnterCriticalSection
GetDiskFreeSpaceW
OpenThread
GetFileType
GetModuleFileNameA
FindNextFileW
CloseHandle
CreateThread
SetLastError
InterlockedCompareExchange
EncodePointer
DecodePointer
HeapFree
HeapAlloc
HeapSize
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
InterlockedDecrement
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
OutputDebugStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers

advapi32

RegCloseKey

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

debbcfb8f680367ffffcb4d4b1fdae06

Code Sign

66:23:fa:fc:ac:35:75:77:a3:1d:90:c1:e5:67:e9:a7Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

91:a4:50:06:ba:03:5f:5e:c6:51:93:56:4e:23:e4:c0:34:1e:c9:48Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 17KB - Virtual size: 16KB

66:23:fa:fc:ac:35:75:77:a3:1d:90:c1:e5:67:e9:a7
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

91:a4:50:06:ba:03:5f:5e:c6:51:93:56:4e:23:e4:c0:34:1e:c9:48
Signer

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 17KB - Virtual size: 16KB