901d67c157de6968d79cc32d3d325a49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

901d67c157de6968d79cc32d3d325a49_JaffaCakes118
Size

3.5MB
MD5

901d67c157de6968d79cc32d3d325a49
SHA1

ca8ab0eb136a2faf5e6694d0252b9b19026a0590
SHA256

63800d1df1f82a629027cc99cff7c5e4e3fc2ee66df7ec57ed950e48ef5c84f2
SHA512

122e320c6ac5e9c727e4c6ae51b3bdca68a2ea3eb02273f4935f8cd41e88091ed3b69f0d19c65b701cd8072087442d8a65de4938c28fc5eb0d92f185e87995ea
SSDEEP

49152:NUp8UoNtRKqIyyvxFqUzEH0Puu8OxxuMenhXyE+TcJujVQSIXFy6/Xt7OI96F36T:yp5oFyvxkhHUu4zehB0BIX7/99MF3

Score

1^/10

Malware Config

Signatures

Files

901d67c157de6968d79cc32d3d325a49_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7617119cde5afea121182e7cd8e56744

Code Sign

7e:40:4b:2c:ed:cc:0a:aa:4c:ab:2e:58:8a:86:dd:2a
Certificate

Issuer

CN=Company of EU Licenser

Not Before

15/05/2020, 12:50

Not After

16/05/2030, 12:50

Subject

CN=Company of EU Licenser

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fb:30:2a:d8:fb:b7:70:51:f8:7c:43:1c:5c:bb:46:18:ef:5c:26:68:ff:03:a9:50:0a:9e:32:65:81:a5:b0:b3
Signer

Actual PE Digest

fb:30:2a:d8:fb:b7:70:51:f8:7c:43:1c:5c:bb:46:18:ef:5c:26:68:ff:03:a9:50:0a:9e:32:65:81:a5:b0:b3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

OleInitialize

oleaut32

SafeArrayCreate

Sections

.MPRESS1
Size: 2.9MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 634KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7617119cde5afea121182e7cd8e56744

Code Sign

7e:40:4b:2c:ed:cc:0a:aa:4c:ab:2e:58:8a:86:dd:2aCertificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

fb:30:2a:d8:fb:b7:70:51:f8:7c:43:1c:5c:bb:46:18:ef:5c:26:68:ff:03:a9:50:0a:9e:32:65:81:a5:b0:b3Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

Sections

.MPRESS1 Size: 2.9MB - Virtual size: 5.1MB

.MPRESS2 Size: 3KB - Virtual size: 3KB

.rsrc Size: 634KB - Virtual size: 634KB

7e:40:4b:2c:ed:cc:0a:aa:4c:ab:2e:58:8a:86:dd:2a
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

fb:30:2a:d8:fb:b7:70:51:f8:7c:43:1c:5c:bb:46:18:ef:5c:26:68:ff:03:a9:50:0a:9e:32:65:81:a5:b0:b3
Signer

.MPRESS1
Size: 2.9MB - Virtual size: 5.1MB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 634KB - Virtual size: 634KB