aaf22df556d21bd1720cd97667875320_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aaf22df556d21bd1720cd97667875320_JaffaCakes118
Size

925KB
MD5

aaf22df556d21bd1720cd97667875320
SHA1

1740958769868d0ee412f1163e925a64939f3bec
SHA256

1fc227d355b165743a37b92dd129c088cd51591e36beb9e8f2c670ddde7610b7
SHA512

ec8aba67952ef7de45fd093bce212e6aaa1c4364c41de6185b7c75172f44263b1795bc6ec820b5caae63495d86273621ae124c479bbc4cdc2532b58f9842155b
SSDEEP

6144:LKSD7pPGByB7b8Cm6+bG50ggmH0cZBFSEds+J/mwbnX3Ef0wEP39pPzsWL:O+7pPGBydIrmeEoEdPJPbX3E1EP39XL

Score

1^/10

Malware Config

Signatures

Files

aaf22df556d21bd1720cd97667875320_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5223df23030e9819dad7259f3564ff35

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7d:af:31:a7:26:12:74:de:55:9f:8f:a6:3e:ad:38:f8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29-05-2015 00:00

Not After

28-05-2020 23:59

Subject

CN=Internet Testing Systems,O=Internet Testing Systems,POSTALCODE=21211,STREET=Suite 401+STREET=3000 Chestnut Ave,L=Baltimore,ST=Maryland,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b6:ee:de:5d:61:8e:ef:8b:f1:58:d1:cf:f8:ca:04:6d:4a:4c:58:65
Signer

Actual PE Digest

b6:ee:de:5d:61:8e:ef:8b:f1:58:d1:cf:f8:ca:04:6d:4a:4c:58:65

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCloseHandle
FindNextUrlCacheGroup
HttpQueryInfoA
InternetOpenUrlA
InternetCanonicalizeUrlA
InternetGetConnectedState
InternetOpenA
DeleteUrlCacheGroup
FindFirstUrlCacheGroup
InternetReadFile
DeleteUrlCacheEntry

urlmon

CoInternetCreateZoneManager

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ws2_32

gethostname
WSAStartup
WSACleanup
gethostbyname

iphlpapi

GetAdaptersInfo

shell32

ShellExecuteA

user32

SetWindowPos
wsprintfA
GetWindowLongA
GetClientRect
SetWindowLongA
EnumChildWindows
SetFocus
GetWindowRect
MoveWindow
EnumDisplayMonitors
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetSystemMetrics
PostQuitMessage
DefWindowProcA
GetDesktopWindow
GetParent
IsWindow
MessageBoxA
IsWindowEnabled
EnableWindow
GetAsyncKeyState
GetClassNameA
PostMessageA
OpenClipboard
EmptyClipboard
CloseClipboard

kernel32

WriteConsoleA
SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
Sleep
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
HeapSize
GetStdHandle
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetConsoleOutputCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GlobalFree
GlobalAlloc
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
ExpandEnvironmentStringsA
GetLastError
GlobalReAlloc
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetTempPathA
GetProcAddress
MultiByteToWideChar
GetVersionExA
GetDriveTypeA
GetLogicalDriveStringsA
FreeLibrary
LoadLibraryA
GetVersion
GetCurrentProcessId
GetModuleHandleA
SetEnvironmentVariableA
GetTickCount
GlobalMemoryStatus
GlobalMemoryStatusEx
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
WriteConsoleW
FlushFileBuffers
TlsGetValue
GetComputerNameA
GetProcessHeap
GetCommandLineA
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

ole32

OleInitialize
CoSetProxyBlanket
CoCreateInstance
OleSetContainedObject
CoGetClassObject
OleUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 788KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5223df23030e9819dad7259f3564ff35

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

7d:af:31:a7:26:12:74:de:55:9f:8f:a6:3e:ad:38:f8Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

b6:ee:de:5d:61:8e:ef:8b:f1:58:d1:cf:f8:ca:04:6d:4a:4c:58:65Signer

Headers

File Characteristics

Imports

wininet

urlmon

version

ws2_32

iphlpapi

shell32

user32

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 423KB

.rsrc Size: 788KB - Virtual size: 787KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

7d:af:31:a7:26:12:74:de:55:9f:8f:a6:3e:ad:38:f8
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

b6:ee:de:5d:61:8e:ef:8b:f1:58:d1:cf:f8:ca:04:6d:4a:4c:58:65
Signer

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 423KB

.rsrc
Size: 788KB - Virtual size: 787KB