b23b47642ed557090b2f9ccd4d6d7e96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b23b47642ed557090b2f9ccd4d6d7e96_JaffaCakes118
Size

87KB
MD5

b23b47642ed557090b2f9ccd4d6d7e96
SHA1

2c60f2c780e8040c52ce577c95a1d339a106a8ff
SHA256

78f0f8f0b04c2ef75cc2b8dfe0a32dbdf3ed3b14e2491a3e4c32577ff9f82c1d
SHA512

24482c0c44fa4165212f72adf54d94c23e5e0851b41ac1a8d9579e8b2510dc936750249ec8b39563075344a9456c1c782a0c4107d08e9c4453fcd1b4e49daafc
SSDEEP

768:yspjN7masPcbmZOzyKGdsmkHtpwpSH3UMp4K0/06gZiH3YbcZ8ysAa23ZLJ:ROEEMzHtpc2l0/0JZiH3YbcZ8lYJ

Score

1^/10

Malware Config

Signatures

Files

b23b47642ed557090b2f9ccd4d6d7e96_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cdb27fb2f0594d54544e89a6bc6e3a1b

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:e7:39:5a:17:82:f6:11:ba:5e:ff:40:20:77:8a:e1
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

18/10/2010, 00:00

Not After

17/10/2013, 23:59

Subject

CN=TVersity Inc.,O=TVersity Inc.,POSTALCODE=07670,STREET=44 Roberts Ct.,L=Tenafly,ST=NJ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

72:b9:a4:06:3c:97:b7:a5:ba:48:d6:b2:2f:c9:a7:eb:d6:4f:ef:24
Signer

Actual PE Digest

72:b9:a4:06:3c:97:b7:a5:ba:48:d6:b2:2f:c9:a7:eb:d6:4f:ef:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

calloc
_onexit
__dllonexit
_adjust_fdiv
_initterm
_beginthreadex
malloc
exit
longjmp
_ftime
_errno
_setjmp3
_endthreadex
free

wsock32

WSAGetLastError
WSASetLastError

kernel32

TlsSetValue
EnterCriticalSection
TlsAlloc
GetCurrentProcessId
OpenProcess
LoadLibraryA
WaitForMultipleObjects
FreeLibrary
GetProcAddress
SetThreadPriority
ReleaseSemaphore
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
TlsFree
CreateSemaphoreA
SetEvent
CloseHandle
WaitForSingleObject
CreateEventA
InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
ResetEvent
GetCurrentProcess
GetCurrentThreadId
Sleep
GetThreadPriority
DuplicateHandle
GetCurrentThread
GetProcessAffinityMask
SetLastError
TlsGetValue
GetLastError
InterlockedDecrement

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getw32threadhandle_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdb27fb2f0594d54544e89a6bc6e3a1b

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

62:e7:39:5a:17:82:f6:11:ba:5e:ff:40:20:77:8a:e1Certificate

Extended Key Usages

Key Usages

72:b9:a4:06:3c:97:b7:a5:ba:48:d6:b2:2f:c9:a7:eb:d6:4f:ef:24Signer

Headers

File Characteristics

Imports

msvcrt

wsock32

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

62:e7:39:5a:17:82:f6:11:ba:5e:ff:40:20:77:8a:e1
Certificate

72:b9:a4:06:3c:97:b7:a5:ba:48:d6:b2:2f:c9:a7:eb:d6:4f:ef:24
Signer

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB