726449ad7d2f9f5c50e923982c6e0717_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

726449ad7d2f9f5c50e923982c6e0717_JaffaCakes118
Size

172KB
MD5

726449ad7d2f9f5c50e923982c6e0717
SHA1

da4f204d575ed1f643d6295652b6d514888c38fc
SHA256

f3bc659c24fec566ac66f0b1f6b984e70207c33b4026f10cdfeee39126c3bef9
SHA512

d40895d4e0e19d82553cfe2c783123c14f8d6fdede91a9b60d5855a74509b06cb9978b7757c6ee7b50aabe796a1e8ba573baeb7da08ece06ba35e4f54b973f13
SSDEEP

3072:xfxKfAbVGgwWPXvbSAxCYLQ5M7wNtVmUt85YXiI2F8V:tlbVhPXvbSAokQ5ttJt85YSH8V

Score

1^/10

Malware Config

Signatures

Files

726449ad7d2f9f5c50e923982c6e0717_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0c75671642424031475e94c64d832ff5

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:1f:4b:a2:e7:4b:9f:a8:d5:25:97:da:d2:24:0a:cd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30-11-2016 00:00

Not After

04-12-2019 12:00

Subject

CN=GitHub\, Inc.,O=GitHub\, Inc.,L=San Francisco,ST=California,C=US,1.2.840.113549.1.9.1=#0c12737570706f7274406769746875622e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

76:26:38:67:45:b2:f4:98:13:3f:52:62:4e:ef:c2:76:9c:71:17:07:e4:f1:27:51:73:39:27:c0:11:2c:e5:5a
Signer

Actual PE Digest

76:26:38:67:45:b2:f4:98:13:3f:52:62:4e:ef:c2:76:9c:71:17:07:e4:f1:27:51:73:39:27:c0:11:2c:e5:5a

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
CloseHandle
GetProcAddress
GetModuleHandleW
LoadLibraryA
GetNativeSystemInfo
GetCPInfo
FillConsoleOutputCharacterW
GetLastError
GetTickCount
FindFirstChangeNotificationA
HeapSize
HeapReAlloc
GetStringTypeW
ExitThread
LCMapStringW
WideCharToMultiByte
LoadLibraryW
Sleep
IsValidCodePage
GetOEMCP
GetACP
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
FindAtomW
EnumTimeFormatsA
FindResourceExA
FreeEnvironmentStringsW
SetLastError
MultiByteToWideChar
GlobalFree
UnhandledExceptionFilter
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapAlloc
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
IsProcessorFeaturePresent
HeapFree
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId

user32

PeekMessageW
GetRawInputDeviceInfoA
PrivateExtractIconsA
LoadCursorW
LoadCursorFromFileA
LoadIconA
LoadKeyboardLayoutW
ScrollWindow
UpdateWindow
LookupIconIdFromDirectoryEx
MapVirtualKeyW
MapWindowPoints
CloseClipboard
OpenClipboard
GetDialogBaseUnits
DefDlgProcW
RealGetWindowClassW
GetCaretPos
GetDesktopWindow
GetParent
GetMenu
DlgDirSelectExA
LoadBitmapW
MapVirtualKeyExA

gdi32

FillPath

advapi32

ClearEventLogA
BackupEventLogW
CloseServiceHandle
ChangeServiceConfigA

shell32

ShellExecuteA

Exports

Exports

_MyFunc1@4

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c75671642424031475e94c64d832ff5

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

06:1f:4b:a2:e7:4b:9f:a8:d5:25:97:da:d2:24:0a:cdCertificate

Extended Key Usages

Key Usages

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

76:26:38:67:45:b2:f4:98:13:3f:52:62:4e:ef:c2:76:9c:71:17:07:e4:f1:27:51:73:39:27:c0:11:2c:e5:5aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 4KB - Virtual size: 111KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 5KB - Virtual size: 4KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

06:1f:4b:a2:e7:4b:9f:a8:d5:25:97:da:d2:24:0a:cd
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

76:26:38:67:45:b2:f4:98:13:3f:52:62:4e:ef:c2:76:9c:71:17:07:e4:f1:27:51:73:39:27:c0:11:2c:e5:5a
Signer

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 4KB - Virtual size: 111KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 5KB - Virtual size: 4KB