9b26481840989d1735df426aba7b130c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9b26481840989d1735df426aba7b130c_JaffaCakes118
Size

560KB
MD5

9b26481840989d1735df426aba7b130c
SHA1

958a4ad4c5711e6e787dad463325421694946b5e
SHA256

2474d794141db8ae0e2f248a7db66c0b7f893e3618bc8d0c641fa0e9ca742b94
SHA512

18c01aad07d1e9e2846fb66cee957bcf11f93d5db8d1cb35f3c31ebe3521ea761aec341a5caaac66cbf08d15365c4b71da13e55a47b1a489f4acbb0c668c43ff
SSDEEP

12288:AYihKOfIE3yqAZq3iI2MYSIMVrHSUpntyv:ALKfE32aPQMhyUptyv

Score

1^/10

Malware Config

Signatures

Files

9b26481840989d1735df426aba7b130c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64cfe27cc529edab64803f9143b8aaff

Code Sign

42:a5:37:12:64:ff:71:c3:83:b9:46:7e:1d:76:db:b1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-11-2012 00:00

Not After

21-11-2014 23:59

Subject

CN=Ease Entertainment Services\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Ease Entertainment Services\, LLC,L=Beverly Hills,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:d0:e5:07:12:b4:ac:f9:3c:66:2b:d9:5d:79:5b:16:b9:b3:f2:ed
Signer

Actual PE Digest

b9:d0:e5:07:12:b4:ac:f9:3c:66:2b:d9:5d:79:5b:16:b9:b3:f2:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

clusapi

AddClusterResourceDependency

shlwapi

SHCreateThread
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegGetValueA
SHRegGetValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW

kernel32

GetTickCount
_lopen
GetWindowsDirectoryA
GetACP
OutputDebugStringA
PeekConsoleInputA
HeapReAlloc
HeapSetInformation
SetFileApisToANSI
SetFileApisToOEM
LZRead

gdi32

CloseFigure
CloseMetaFile
ColorCorrectPalette
ColorMatchToTarget
CombineRgn
CombineTransform
CopyEnhMetaFileA
CopyEnhMetaFileW
CopyMetaFileA
CopyMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateColorSpaceA
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 262KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 519KB - Virtual size: 520KB

IMAGE_SCN_MEM_READ

Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64cfe27cc529edab64803f9143b8aaff

Code Sign

42:a5:37:12:64:ff:71:c3:83:b9:46:7e:1d:76:db:b1Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

b9:d0:e5:07:12:b4:ac:f9:3c:66:2b:d9:5d:79:5b:16:b9:b3:f2:edSigner

Headers

File Characteristics

Imports

clusapi

shlwapi

kernel32

gdi32

Sections

.text Size: 23KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 262KB

.rsrc Size: 519KB - Virtual size: 520KB

Size: - Virtual size: 8KB

42:a5:37:12:64:ff:71:c3:83:b9:46:7e:1d:76:db:b1
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

b9:d0:e5:07:12:b4:ac:f9:3c:66:2b:d9:5d:79:5b:16:b9:b3:f2:ed
Signer

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 262KB

.rsrc
Size: 519KB - Virtual size: 520KB