1a15f1e7317c6e580820f1340414ea66_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1a15f1e7317c6e580820f1340414ea66_JaffaCakes118
Size

124KB
MD5

1a15f1e7317c6e580820f1340414ea66
SHA1

35160196b904d518be0981c8acb1d35c6c0cd318
SHA256

fcd12780fb2f39603a76283a6bd4d15f2ae2cbe7fae6c7ab74995714655412cd
SHA512

21d1408860d4b32085772c01c45317706815a0184e04bb2dfe6f6d68689079da4f6d20199b029d659a35169045d80694bbcfdee34a37b24467f962592d0e0e36
SSDEEP

3072:mPIBGYnbRXAikmc0qNOxnxKph6BC7KJq6VF19F:mEb1R6InQgC7KVF19F

Score

1^/10

Malware Config

Signatures

Files

1a15f1e7317c6e580820f1340414ea66_JaffaCakes118
.exe windows:2 windows x86 arch:x86

51917a646c24cc7d6009fc051af49bb3

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02-03-2010 00:00

Not After

02-03-2011 23:59

Subject

CN=Comodo Security Solutions\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Comodo Security Solutions\, Inc.,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:d3:16:01:02:da:b2:9c:20:5e:fb:97:1d:68:ca:68:ab:8a:08:9b
Signer

Actual PE Digest

b6:d3:16:01:02:da:b2:9c:20:5e:fb:97:1d:68:ca:68:ab:8a:08:9b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetModuleHandleW
GetComputerNameA
GetDiskFreeSpaceA
FileTimeToDosDateTime
EnumDateFormatsW
GetProcessHeap
GetLogicalDriveStringsA
SystemTimeToFileTime
MoveFileA
GetVersionExA
LoadLibraryW
QueryPerformanceFrequency
GetStartupInfoA
EnumTimeFormatsW
GetCommandLineA
VirtualAlloc
ReplaceFileA
lstrcatW
GetVersionExW
CreateFileA
lstrcat
GetProcessId
GetSystemDirectoryA
GetDateFormatW
GetCalendarInfoW
GetModuleFileNameA
GetLastError
lstrcmpW
GetAtomNameW

user32

SetDlgItemTextA
EnumChildWindows
GetMenuInfo
GetCapture
CharPrevW
MonitorFromPoint
CreateDialogParamW
FrameRect
TrackPopupMenu
mouse_event
GetKeyboardLayout
GetClassInfoW
InvalidateRgn
ShowCursor
MessageBoxA
UpdateWindow
CharUpperA
GetParent
SetWindowTextA
EnumDesktopWindows
GetMenuStringW
CreateDialogIndirectParamA
LoadImageA
AdjustWindowRect
CreateWindowExW
GetScrollPos
CreateDialogIndirectParamW
EnumWindows
GetActiveWindow
InsertMenuA
TrackPopupMenuEx
wsprintfA
FlashWindow

gdi32

EnumEnhMetaFile
SetDIBColorTable
EndPath
EnumFontsW
ModifyWorldTransform
SetArcDirection
CreateDCW
CreateSolidBrush
PathToRegion
GetEnhMetaFilePaletteEntries
SetTextAlign
CombineRgn
GetTextExtentPointW
GetTextExtentExPointW
CreateFontIndirectW
GetOutlineTextMetricsW
GetOutlineTextMetricsA
GetObjectType

advapi32

RegEnumKeyA
RegSaveKeyA
RegCreateKeyA
RegCreateKeyExW

shell32

StrRChrW
StrCmpNA
StrChrIA

shlwapi

SHEnumKeyExA

comctl32

FlatSB_ShowScrollBar
DSA_DestroyCallback
ImageList_Destroy

ole32

GetClassFile
CreateFileMoniker
CoCreateInstanceEx

oleaut32

VarCyFromUI4

version

VerQueryValueW

ws2_32

gethostbyaddr
select
WSAEnumNetworkEvents
getpeername
recvfrom

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51917a646c24cc7d6009fc051af49bb3

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8Certificate

Extended Key Usages

Key Usages

b6:d3:16:01:02:da:b2:9c:20:5e:fb:97:1d:68:ca:68:ab:8a:08:9bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

ole32

oleaut32

version

ws2_32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 100KB

.rsrc Size: 98KB - Virtual size: 98KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

2c:01:58:55:22:e8:fa:61:13:8a:ef:a4:f6:27:ee:a8
Certificate

b6:d3:16:01:02:da:b2:9c:20:5e:fb:97:1d:68:ca:68:ab:8a:08:9b
Signer

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 100KB

.rsrc
Size: 98KB - Virtual size: 98KB