008691e898c9648cc20514bc1a625e29_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

008691e898c9648cc20514bc1a625e29_JaffaCakes118
Size

9KB
MD5

008691e898c9648cc20514bc1a625e29
SHA1

088b84620406eb02514bdf2ed908300a5a98e4f5
SHA256

02d097971a4d8cc575d7c10ab42445dec030306d77707486df714f53fe0e4fdd
SHA512

d9a7b1ee8736de23ea3bbdf22421df01e47ba78f763d872789660fa04b11fcfc018895b34e34092fcba86b63bb9bdbbc59363e3edf9f526e7aa6cefeb21963d1
SSDEEP

192:9pLByBxQf74LsSM1Sy1dEyncjWOITu32dgylY+6P4qf:95kbQisSMpxn3Ttm+6Am

Score

1^/10

Malware Config

Signatures

Files

008691e898c9648cc20514bc1a625e29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4c32b7226b9228c1bb6af13525c1553

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4b:c4
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

25-11-2003 17:05

Not After

24-11-2005 17:05

Subject

CN=Click Yes To Enter Ltd,OU=Secure Application Development,O=Click Yes To Enter Ltd,L=Road Town,ST=Tortola,C=VI

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GlobalFree
CloseHandle
WriteFile
CreateFileA
lstrlenA
GlobalAlloc
WaitForSingleObject
CreateThread
ExitProcess
GetTickCount
GetWindowsDirectoryA
Sleep
lstrcatA
lstrcpyA

rasapi32

RasDialA
RasEnumConnectionsA
RasEnumDevicesA
RasHangUpA
RasSetEntryPropertiesA

ws2_32

WSACleanup
closesocket
shutdown
WSAStartup
connect
htons
gethostbyname
inet_addr
socket
recv
send

user32

wsprintfA

Sections

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4c32b7226b9228c1bb6af13525c1553

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

1f:4b:c4Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

rasapi32

ws2_32

user32

Sections

.data Size: 3KB - Virtual size: 3KB

01
Certificate

0a
Certificate

1f:4b:c4
Certificate

.data
Size: 3KB - Virtual size: 3KB