66885b800ab12651cf3776caa2ddbf44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66885b800ab12651cf3776caa2ddbf44_JaffaCakes118
Size

339KB
MD5

66885b800ab12651cf3776caa2ddbf44
SHA1

d23a80e7cfdb7a6f33b7ca4c1abe3c51a34d1e8b
SHA256

0f2e2247d5cabdb86c111f25e62d8ed0735691630273b7bc23506539b0a2edf9
SHA512

6d7025658ff6ac3e14e95c97f97a1839aec6988bf087c4aec347906bafb1512869a638c5f7df615d996081fff7d08b1e110f41019d1b4161816ad6c419189289
SSDEEP

6144:QKQlNz6h3Cu0q+sr4le89v/vPrQwV0EVgtrnEq2o5l9J/2Srti22p1IqN+gr0:vkNOh3Cu0d/Y89fV0agdn8ovn/T1a0go

Score

1^/10

Malware Config

Signatures

Files

66885b800ab12651cf3776caa2ddbf44_JaffaCakes118
.rar
orderlist.exe
.exe windows:4 windows x86 arch:x86

9386a3570abb08ccebb7fa12ddb6d7d2

Code Sign

01
Certificate

Issuer

CN=American South digital,O=American South digital 2016,C=BR

Not Before

17/04/2019, 16:00

Not After

16/04/2022, 16:00

Subject

CN=American South digital,O=American South digital 2016,C=BR

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f0:ee:b3:35:ee:49:4f:07:d5:2c:de:a2:ab:b7:1e:af:2c:26:95:7c:a3:82:2b:65:38:63:ae:83:9c:84:b6:08
Signer

Actual PE Digest

f0:ee:b3:35:ee:49:4f:07:d5:2c:de:a2:ab:b7:1e:af:2c:26:95:7c:a3:82:2b:65:38:63:ae:83:9c:84:b6:08

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord698
MethCallEngine
ord517
ord519
ord593
ord521
ord522
ord523
ord631
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord673
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ProcCallEngine
ord645
ord685
ord100

Sections

.text
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9386a3570abb08ccebb7fa12ddb6d7d2

Code Sign

01Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

f0:ee:b3:35:ee:49:4f:07:d5:2c:de:a2:ab:b7:1e:af:2c:26:95:7c:a3:82:2b:65:38:63:ae:83:9c:84:b6:08Signer

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 620KB - Virtual size: 619KB

.data Size: - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 3KB

01
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

f0:ee:b3:35:ee:49:4f:07:d5:2c:de:a2:ab:b7:1e:af:2c:26:95:7c:a3:82:2b:65:38:63:ae:83:9c:84:b6:08
Signer

.text
Size: 620KB - Virtual size: 619KB

.data
Size: - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 3KB