60e2217d205b4a470dc536ff291a5a38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60e2217d205b4a470dc536ff291a5a38_JaffaCakes118
Size

314KB
MD5

60e2217d205b4a470dc536ff291a5a38
SHA1

8e2d8b487a1d1554ced22e7c011b6e0ed08cbe40
SHA256

116e5f2e72253b55461be0ce077460006d94067291126f310665c122cf790893
SHA512

04d1a2c823e280d3f1c74ab20aba122363a34845513a79156ab3d2dbb300f4fe55ac1e2ed3441c648cb82955c6b55763275dc120955d1d0c6e6941942d840e7f
SSDEEP

6144:gNZ0rt9HB8B3syrqXBQTTAVCYqdPZb1uwVF2OJOIMsRjtDAzvLxZHHHHHHAMsnhS:+UHB4Rrqx8TAV01Zb0wVFh/UNZohS

Score

1^/10

Malware Config

Signatures

Files

60e2217d205b4a470dc536ff291a5a38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd0a00d6be0c5eeb5f1341d933ff5fc9

Code Sign

10:25:72:a3:83:8e:18:c1:d9:86:9b:bb:dc:47:b8:69
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/02/2015, 00:00

Not After

24/02/2016, 23:59

Subject

CN=Consortium Group ltd,O=Consortium Group ltd,POSTALCODE=00152,STREET=CORNER OF GR.MARLBOROUGH UN GR.GEORGE STR.+STREET=3RD FLOOR\, C&h TOWERS\,,L=ROSEAU,ST=ROSEAU,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d6:d5:7f:05:49:0e:a5:75:96:05:82:0d:04:cb:8d:bc:64:64:f8:d0
Signer

Actual PE Digest

d6:d5:7f:05:49:0e:a5:75:96:05:82:0d:04:cb:8d:bc:64:64:f8:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

wininet

HttpEndRequestA

kernel32

VirtualAlloc
GetModuleHandleW
GetCommandLineW
CreateFileMappingA
CreateThread
SetCurrentDirectoryW
InterlockedDecrement
FreeLibrary
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
CreateEventA
CompareStringA
GetTempPathW
CreateDirectoryW
GetUserDefaultLangID
GetCurrentProcess
ExitProcess
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetStartupInfoA
GetModuleHandleA
WriteFile
SetErrorMode
GetVersion
GetProcAddress
TlsGetValue
GetVersionExA
lstrcmpiA
GetTickCount
QueryPerformanceCounter
GetLastError
GetSystemTimeAsFileTime
GetCommandLineA
FlushFileBuffers
CreateFileA
DeleteFileW
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetFilePointer
SetStdHandle

user32

SetScrollInfo
GetWindowPlacement
SetRect
SetPropA
SetMenuItemInfoA
SetMenu
LoadStringA
RegisterClassExA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
IntersectRect
IsWindowEnabled
RemovePropA
GetScrollPos
GetKeyboardType
GetSystemMetrics
MessageBoxA
CharNextA
CharNextW
CreateWindowExA
IsWindowVisible
IsZoomed
WindowFromPoint
GetCapture
GetClassInfoA
GetClassNameA
GetSystemMenu
GetWindowLongA
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
PtInRect

gdi32

SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
DeleteEnhMetaFile
GetLogColorSpaceW
ExcludeClipRect
DeleteObject
CreatePen
CreatePenIndirect
GetClipBox
TextOutW
SetAbortProc
Rectangle
OffsetWindowOrgEx
CreateFontIndirectA
DeleteMetaFile

comdlg32

ChooseFontA
GetOpenFileNameA
ReplaceTextW
FindTextW
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
StrStrIA

oleaut32

SafeArrayGetLBound
VarRound
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayPutElement
VariantInit

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd0a00d6be0c5eeb5f1341d933ff5fc9

Code Sign

10:25:72:a3:83:8e:18:c1:d9:86:9b:bb:dc:47:b8:69Certificate

Extended Key Usages

Key Usages

d6:d5:7f:05:49:0e:a5:75:96:05:82:0d:04:cb:8d:bc:64:64:f8:d0Signer

Headers

File Characteristics

Imports

comctl32

version

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 28KB - Virtual size: 24KB

10:25:72:a3:83:8e:18:c1:d9:86:9b:bb:dc:47:b8:69
Certificate

d6:d5:7f:05:49:0e:a5:75:96:05:82:0d:04:cb:8d:bc:64:64:f8:d0
Signer

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 28KB - Virtual size: 24KB