9d9b4301a9e38bd81b9c698a83b8b377_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9d9b4301a9e38bd81b9c698a83b8b377_JaffaCakes118
Size

560KB
MD5

9d9b4301a9e38bd81b9c698a83b8b377
SHA1

f5382e42d6ac18db5684dd3777844b348601b884
SHA256

e04836bf65791103c94a5b63c0283b648d9278a3b6a59c7e5f962dc75785784a
SHA512

e27ddd2c7cc37b827ff4568630ff0f608424828336f0b786fe7b2f296f3d89f01d2813e3db2a9444eaca022763bb8f80e710fcd0667b052c5ae3bfe5ec2d285a
SSDEEP

6144:33sSVaLKtMP6X0LCZkCy3KUmvVel0eMxxf5IYkbHIAtWAWM7zFr7TXE0WKRsEt66:svWCMZ1SKUIIsxBN+HIoJ3d9WTKfBMC

Score

1^/10

Malware Config

Signatures

Files

9d9b4301a9e38bd81b9c698a83b8b377_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dc145fd4786868bbffac60fc85b0b9c5

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c9:be:03:b7:59:b3:c9:58:ed:3b:bf:b0:01:50:63:09
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2016, 00:00

Not After

25/05/2017, 23:59

Subject

CN=Inergen,O=Inergen,POSTALCODE=109117,STREET=AVENUE VOLGOGRAD\, House 93\, Building 2\, ROOM II ROOM 12\,,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

06:99:9a:7c:3d:f0:fe:f3:94:f8:57:fd:be:8d:eb:a9:f0:32:9b:8e:6f:f0:9f:45:4d:74:30:eb:92:5b:8b:f5
Signer

Actual PE Digest

06:99:9a:7c:3d:f0:fe:f3:94:f8:57:fd:be:8d:eb:a9:f0:32:9b:8e:6f:f0:9f:45:4d:74:30:eb:92:5b:8b:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
FindResourceW
FlushInstructionCache
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleFileNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapSetInformation
HeapSize
InitializeCriticalSection
EnterCriticalSection
InterlockedPushEntrySList
LeaveCriticalSection
LoadResource
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualFree
WideCharToMultiByte
lstrcmpW
lstrlenW
DeleteFileW
DeleteCriticalSection
CreateMutexW
CreateFileW
CloseHandle
GetModuleHandleW
GetProcessHeap
HeapAlloc
InterlockedPopEntrySList
VirtualAlloc

user32

LoadBitmapA
LoadIconW
DestroyWindow
LoadIconA

advapi32

GetTraceEnableFlags
RegQueryValueExW
RegOpenKeyA
GetTraceLoggerHandle
RegisterTraceGuidsW
TraceEvent
TraceMessage
UnregisterTraceGuids
GetTraceEnableLevel

Sections

.text
Size: 547KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc145fd4786868bbffac60fc85b0b9c5

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

c9:be:03:b7:59:b3:c9:58:ed:3b:bf:b0:01:50:63:09Certificate

Extended Key Usages

Key Usages

06:99:9a:7c:3d:f0:fe:f3:94:f8:57:fd:be:8d:eb:a9:f0:32:9b:8e:6f:f0:9f:45:4d:74:30:eb:92:5b:8b:f5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 547KB - Virtual size: 547KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

c9:be:03:b7:59:b3:c9:58:ed:3b:bf:b0:01:50:63:09
Certificate

06:99:9a:7c:3d:f0:fe:f3:94:f8:57:fd:be:8d:eb:a9:f0:32:9b:8e:6f:f0:9f:45:4d:74:30:eb:92:5b:8b:f5
Signer

.text
Size: 547KB - Virtual size: 547KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB