86373133ff8428db7eb7728d1a0adf31_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

86373133ff8428db7eb7728d1a0adf31_JaffaCakes118
Size

7.6MB
MD5

86373133ff8428db7eb7728d1a0adf31
SHA1

537bb2097f46b4a5ebb2bf6d3bd7459e33737656
SHA256

c9450a321f914f3afbf8ccc7559186e84766b6a2d0cfb227a36eeeacc36dac4a
SHA512

74716f8e3037c506b42ed0fc51ef42cf83f302b9bf0e75cb3c1db65a891e889ab9c091b234cd5c69ac8f75b49fec6f0511e322bd8f3a39c3b5c23a360aa3016f
SSDEEP

196608:pODywOFC9qh57KZ18GBLntqhbTQe5t2/ct1U2v83INAiGsiWN:pK3qC9qh5bGBRwPQe5oUt1UjIWsJN

Score

1^/10

Malware Config

Signatures

Files

86373133ff8428db7eb7728d1a0adf31_JaffaCakes118
.zip
4ROW.BA_
ANIMAL.BA_
APPSETUP.IN_
ARGS.CP_
ARGS.EX_
ARGS.FV_
ARGS.H_
ARGS.XV_
BATCH.TX_
CLOSE.PI_
CTL3D95.DL_
CTL3D98.DL_
CTL3DNT.DL_
DESCRIPT.IO_
DLGEDIT.EX_
DOS2UNIX.EX_
DUPLICAT.EX_
ELIZA.BA_
FILE_ID.DIZ
FUNC.EX_
GOTHIC.EX_
ICON.RC_
ICON1.IC_
INACTIVE.PI_
INSTALL.EX_
JUNCTION.EX_
LEAVES.BM_
LIGHTNIN.BM_
LOGO.EX_
MAZE.BA_
MD5.EX_
MERGE.CP_
MERGE.EX_
MERGE.FV_
MERGE.XV_
NEBULA.BM_
SBANNER.EX_
SETUP.EXE
.exe windows:1 windows x86 arch:x86

a9cc4f185176e66cb719d23f0e2bd6a4

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

11:c9:58:99:57:7e:00:cc:53:23:5f:fd:fe:b3:0a:39
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/06/2016, 00:00

Not After

01/06/2017, 23:59

Subject

CN=Lucien Cinc,O=Lucien Cinc,POSTALCODE=2138,STREET=502/2 Shoreline Drive,L=Rhodes,ST=NSW,C=AU,2.5.4.18=#130b504f20426f782033333336

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:05:38:62:83:4a:b1:6f:78:d4:37:b7:91:2a:fc:56:d9:ac:97:98
Signer

Actual PE Digest

2c:05:38:62:83:4a:b1:6f:78:d4:37:b7:91:2a:fc:56:d9:ac:97:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegDeleteKeyA

kernel32

CloseHandle
CreateFileA
CreateProcessA
DeleteFileA
EnterCriticalSection
ExitProcess
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetTempPathA
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
OpenFile
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SleepEx
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile

lz32

LZClose
LZCopy
LZOpenFileA

user32

CreateDialogParamA
DestroyWindow
EndDialog
EnumThreadWindows
FindWindowA
GetSystemMetrics
GetWindowRect
MessageBoxA
SetWindowPos

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SETUP.TXT
SKYLINE.BM_
SPLIT.CP_
SPLIT.EX_
SPLIT.FV_
SPLIT.XV_
STONES.BA_
TAIL.EX_
TOUCH.CP_
TOUCH.EX_
TOUCH.FV_
TOUCH.H_
TOUCH.XV_
TROUBLE.TXT
UNCOMP.EX_
UNINST.EX_
UNIX2DOS.EX_
UNTAR.EX_
UNZIP.EX_
UUDECODE.EX_
UUENCODE.EX_
VENDOR.TXT
WIN_ONE.CH_
WIN_ONE.EX_
WOCMX.DL_
WOCMX.EX_
WODIB.DL_
WOE32.EX_
WOEXT.EX_
WOI.DL_
WOIO-VS.FV_
WOIO-VS.XV_
WOIO.C_
WOIO.H_
WOIO.LI_
WOLD32.EX_
WOMSG.H_
WOS32.DL_
WOS32.EX_
WOS32S.DL_

Sharing

General

Malware Config

Signatures

Files

a9cc4f185176e66cb719d23f0e2bd6a4

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

11:c9:58:99:57:7e:00:cc:53:23:5f:fd:fe:b3:0a:39Certificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

2c:05:38:62:83:4a:b1:6f:78:d4:37:b7:91:2a:fc:56:d9:ac:97:98Signer

Headers

File Characteristics

Imports

advapi32

kernel32

lz32

user32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 40KB

.data Size: 9KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

11:c9:58:99:57:7e:00:cc:53:23:5f:fd:fe:b3:0a:39
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

2c:05:38:62:83:4a:b1:6f:78:d4:37:b7:91:2a:fc:56:d9:ac:97:98
Signer

.text
Size: 38KB - Virtual size: 40KB

.data
Size: 9KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB