6952a6389057bcc5c67ea47c63884d80_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6952a6389057bcc5c67ea47c63884d80_JaffaCakes118
Size

608KB
MD5

6952a6389057bcc5c67ea47c63884d80
SHA1

0bb28e7acf77f8d66a726c39d27e8948651cd8c9
SHA256

22b386827ee73e898106df7ad376f6483f2e9466781f739a9bc4fa690d8c17c9
SHA512

f2e513a8d5147b76cbb73acea9d49c7dcf871deca4c9a42c1b6d866d02fc483766b8304d2649f2dfb608d24999ef6f85913cdd911e063c7c31a1e308393b8510
SSDEEP

12288:b9WvJ9K0xROBFkUyiSaNji79FBbd6iWCAEE:bg7K0xKFylaNjEBbd6iME

Score

1^/10

Malware Config

Signatures

Files

6952a6389057bcc5c67ea47c63884d80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c758dee82d462c4a63384e873adf6d9

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24-08-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

eb:63:bc:1a:de:5b:47:04:2e:54:27:2c:b3:9f:90:99
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-11-2014 00:00

Not After

25-11-2015 23:59

Subject

CN=Webstream,O=Webstream,POSTALCODE=153003,STREET=Krasnyh zor\, 15a,L=Ivanovo,ST=Ivanovo oblast,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

be:fe:98:f9:d5:18:19:50:2f:cb:c2:2c:9b:e8:43:08:a7:a3:68:c8
Signer

Actual PE Digest

be:fe:98:f9:d5:18:19:50:2f:cb:c2:2c:9b:e8:43:08:a7:a3:68:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
DeleteFileW
InterlockedExchange
InterlockedDecrement
GetModuleHandleA
TerminateThread
GetTickCount
DeleteFileA
LCMapStringA
GetSystemInfo
LocalLock
VirtualAllocEx
GetFileAttributesA
VirtualAlloc
VirtualProtect
GetLocaleInfoA
HeapSize
SetStdHandle
ReadFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
CloseHandle
CreateFileA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
RtlUnwind
VirtualQuery
HeapReAlloc
LCMapStringW

user32

LoadImageA

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC

ole32

CoCreateGuid
CoUninitialize

oleaut32

VariantInit
SysAllocString

secur32

SetContextAttributesW
SetContextAttributesA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.addex77
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c758dee82d462c4a63384e873adf6d9

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

eb:63:bc:1a:de:5b:47:04:2e:54:27:2c:b3:9f:90:99Certificate

Extended Key Usages

Key Usages

be:fe:98:f9:d5:18:19:50:2f:cb:c2:2c:9b:e8:43:08:a7:a3:68:c8Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

secur32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 36KB - Virtual size: 105KB

.addex77 Size: 520KB - Virtual size: 516KB

.rsrc Size: 12KB - Virtual size: 10KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

eb:63:bc:1a:de:5b:47:04:2e:54:27:2c:b3:9f:90:99
Certificate

be:fe:98:f9:d5:18:19:50:2f:cb:c2:2c:9b:e8:43:08:a7:a3:68:c8
Signer

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 36KB - Virtual size: 105KB

.addex77
Size: 520KB - Virtual size: 516KB

.rsrc
Size: 12KB - Virtual size: 10KB