5d09a1fd082f8427aaeaad199386cbc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d09a1fd082f8427aaeaad199386cbc5_JaffaCakes118
Size

573KB
MD5

5d09a1fd082f8427aaeaad199386cbc5
SHA1

b2c890515ded615d3134690f5062d2a628b0376c
SHA256

3b6381dd30521703514ed7db6a1373688158d884f7f1528b5cb55251285f736e
SHA512

5338680cc85bcad7ea9a08c7153f07edfd81ea95313dcb0126318e004e32fb1538bc53d1bb557c7eb1210a1155f448b72b83217951d008dde87c2429a0183e8c
SSDEEP

12288:08q8RGfJikoOE3tDu9JXgyMYAcnysk4wRCLIFeBVzQaIjzMn:idfJyPty9xrMYAm44wsnBVkaIPMn

Score

1^/10

Malware Config

Signatures

Files

5d09a1fd082f8427aaeaad199386cbc5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a9c530f498be6d9edea9da912deac95a

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2016, 00:00

Not After

25/05/2017, 23:59

Subject

CN=Smart Union,O=Smart Union,POSTALCODE=127474,STREET=Beskudnikovsky boulevard 2,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

47:bb:fa:ec:e3:31:6d:51:c5:5f:81:cb:1d:81:ed:71:11:3e:05:f1:c3:c7:7f:14:49:15:a5:95:33:bf:da:69
Signer

Actual PE Digest

47:bb:fa:ec:e3:31:6d:51:c5:5f:81:cb:1d:81:ed:71:11:3e:05:f1:c3:c7:7f:14:49:15:a5:95:33:bf:da:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
FindResourceExW
FindResourceW
FlushInstructionCache
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleFileNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapSetInformation
HeapSize
DeleteFileW
InterlockedPopEntrySList
InterlockedPushEntrySList
LeaveCriticalSection
LoadResource
LockResource
MulDiv
MultiByteToWideChar
RaiseException
SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualFree
WideCharToMultiByte
lstrcmpW
lstrlenW
DeleteCriticalSection
CreateMutexW
CreateFileW
CloseHandle
LoadLibraryA
GetModuleHandleW
GetProcessHeap
HeapAlloc
InitializeCriticalSection
VirtualAlloc

user32

LoadIconA
GetParent
LoadBitmapA
GetSystemMetrics
LoadBitmapW
LoadIconW

advapi32

GetTraceEnableFlags
RegOpenKeyA
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
TraceEvent
TraceMessage
UnregisterTraceGuids
RegQueryValueExW

winmm

timeGetTime

Sections

.text
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9c530f498be6d9edea9da912deac95a

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6Certificate

Extended Key Usages

Key Usages

47:bb:fa:ec:e3:31:6d:51:c5:5f:81:cb:1d:81:ed:71:11:3e:05:f1:c3:c7:7f:14:49:15:a5:95:33:bf:da:69Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winmm

Sections

.text Size: 561KB - Virtual size: 560KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

d0:e5:92:2e:2b:69:fd:4d:0e:3f:fa:18:81:ab:b3:a6
Certificate

47:bb:fa:ec:e3:31:6d:51:c5:5f:81:cb:1d:81:ed:71:11:3e:05:f1:c3:c7:7f:14:49:15:a5:95:33:bf:da:69
Signer

.text
Size: 561KB - Virtual size: 560KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB