0bdd2f4f354d17594a64876379478fe5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0bdd2f4f354d17594a64876379478fe5_JaffaCakes118
Size

30KB
MD5

0bdd2f4f354d17594a64876379478fe5
SHA1

7e19beb23b1f2ea0951d974f8b38592042421ba5
SHA256

1dc7d219830ba0d6a7bb1ef6b6a06958bd1a2c15f5c9d44c430f8c6e019e3b42
SHA512

280dac6408d2d5fd10eb322d2f9204085d9df4b6f60cc03217b7087c3335dab512672c80cc477895009bd25d0b34179d8a84e616ba9661c3eba68acde21e6272
SSDEEP

384:Xb9JdgRAM3inLjt3yfx/ml35odR/9U8rsy97RwSlomkj1k:X4AZyfBC8gMRwSlom1

Score

1^/10

Malware Config

Signatures

Files

0bdd2f4f354d17594a64876379478fe5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edbfd0aafda97fd6c57a6415ca14959b

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

da:b2:3d:dd:8b:a0:db:00:3d:b9:a3:fd:ce:92:38:45
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/10/2007, 00:00

Not After

24/10/2008, 23:59

Subject

CN=Shelby Group Ltd.,O=Shelby Group Ltd.,POSTALCODE=have no,STREET=suite 508 marina Towers,L=Belize,ST=Belize,C=BZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
DeleteFileA
CloseHandle
GetFileSize
CreateFileA
CreateThread
CopyFileA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
CreateDirectoryA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetVolumeInformationA
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetStringTypeW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LoadLibraryA
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

wsprintfA
IsWindowVisible
IsZoomed
DispatchMessageA
TranslateMessage
GetMessageA
IsChild

advapi32

RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

wsock32

sendto
connect
WSAStartup
ioctlsocket
socket
recvfrom
htons

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edbfd0aafda97fd6c57a6415ca14959b

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

da:b2:3d:dd:8b:a0:db:00:3d:b9:a3:fd:ce:92:38:45Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

shell32

comctl32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 240B

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

da:b2:3d:dd:8b:a0:db:00:3d:b9:a3:fd:ce:92:38:45
Certificate

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 240B