b24b1dc60566254621b232ea9d026de5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b24b1dc60566254621b232ea9d026de5_JaffaCakes118
Size

454KB
MD5

b24b1dc60566254621b232ea9d026de5
SHA1

76e946b3731d6306b3c2742c33783b46d3bd137e
SHA256

15c617dc6b598a9f22c16d7786ebb9247a0a8d102610975719fdf7b89e4cc860
SHA512

c2b63bfeef165df7ba6e0233f50ef4d7a278f6303376496acfed41da594ef498c0da354bda2cfe5826c28d7892417829822d394ceac93755e4bc5ee6534d290f
SSDEEP

6144:bbS1O0x1SctyTN6EYxkAE8LbrXOpJss6Mv8Wkm5W+lR2mgro:86sxkSL/O7/6Qkmw+bgro

Score

1^/10

Malware Config

Signatures

Files

b24b1dc60566254621b232ea9d026de5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a435a0112d3a95c5de6824d28d020333

Code Sign

19:1a:63:69:e1:32:89:4a:cc:8e:0e:9c:92:24:c4:e2
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

04/02/2015, 00:00

Not After

04/02/2016, 23:59

Subject

CN=Consortium Group ltd.,O=Consortium Group ltd.,POSTALCODE=00152,STREET=CORNER OF GR.MARLBOROUGH UN GR.GEORGE STR+STREET=3RD FLOOR\, C&h TOWERS,L=ROSEAU,ST=ROSEAU,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

85:35:c0:59:af:57:70:b7:42:bd:0d:91:78:40:b3:53:dc:81:3b:61
Signer

Actual PE Digest

85:35:c0:59:af:57:70:b7:42:bd:0d:91:78:40:b3:53:dc:81:3b:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

wininet

HttpEndRequestA

kernel32

GetModuleHandleW
LockResource
WriteFile
GetLastError
CloseHandle
CreateFileMappingA
FreeResource
CompareStringA
FileTimeToDosDateTime
EnumCalendarInfoA
CreateEventA
GetTempPathA
InterlockedIncrement
GetSystemInfo
GetStringTypeExA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetTickCount
GetStringTypeA
GetCommandLineA
LoadLibraryA
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
SetFilePointer
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetStartupInfoA
GetProcAddress
GetStringTypeW
LCMapStringA
CreateFileA
VirtualAlloc
ExitProcess
GetVersionExA
GetVersion
CreateThread
GetOEMCP
GetModuleHandleA
LCMapStringW
MultiByteToWideChar

user32

GetDC
MessageBoxA
CreateDialogParamA
GetSystemMetrics
CreateWindowExA
LoadIconW
LoadCursorW
RegisterClassW
IsRectEmpty
IsWindow
SetPropA
SetRect
SetScrollInfo
GetWindowPlacement
GetWindowRect
GetClassNameA
GetKeyboardType
GetScrollPos
PtInRect
RedrawWindow
RegisterClipboardFormatA
CharNextA
GetCapture
LoadStringA
GetClientRect
SetMenuItemInfoA

gdi32

GetClipBox
CreatePenIndirect
CreatePen
TextOutW
SetDIBColorTable
ExcludeClipRect
GetDeviceCaps
Rectangle
GetStockObject

advapi32

RegCreateKeyExA
AllocateLocallyUniqueId
RegCloseKey

shell32

StrStrIA

ole32

CoTaskMemAlloc

oleaut32

SysReAllocStringLen
SafeArrayGetElement

Sections

.text
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a435a0112d3a95c5de6824d28d020333

Code Sign

19:1a:63:69:e1:32:89:4a:cc:8e:0e:9c:92:24:c4:e2Certificate

Extended Key Usages

Key Usages

85:35:c0:59:af:57:70:b7:42:bd:0d:91:78:40:b3:53:dc:81:3b:61Signer

Headers

File Characteristics

Imports

comctl32

version

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 404KB - Virtual size: 401KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 41KB

.rsrc Size: 28KB - Virtual size: 27KB

19:1a:63:69:e1:32:89:4a:cc:8e:0e:9c:92:24:c4:e2
Certificate

85:35:c0:59:af:57:70:b7:42:bd:0d:91:78:40:b3:53:dc:81:3b:61
Signer

.text
Size: 404KB - Virtual size: 401KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 41KB

.rsrc
Size: 28KB - Virtual size: 27KB