1ba7e37f83d40d05e15785316d3a1dc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1ba7e37f83d40d05e15785316d3a1dc5_JaffaCakes118
Size

4.8MB
MD5

1ba7e37f83d40d05e15785316d3a1dc5
SHA1

8e7b946343b6b5434f14a4294f30e12bd0ba02eb
SHA256

da32d202f75b51fda73d127539fbaf84f6ddeb3b99a0bcc85e2641aa6ba7d8c8
SHA512

ddeff21fa27b1b76ebc7f22ff1ff28e1ad115829ea3404fdd495120699ad2a0bae2a4412760a7d00be6022d502e9bf45d4562800161db246784eca67978452fe
SSDEEP

98304:ILWcI091MJ4K0TSy+xA0+McS+0nS8Y35s0HMlAozD4be2:7891M2Ku6pnLY35scAAS4v

Score

1^/10

Malware Config

Signatures

Files

1ba7e37f83d40d05e15785316d3a1dc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a134e5d855791d6a2349b03590a8bbc

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

6d:c4:f2:ad:b6:c0:1e:b5:af:c0:87:b8:75:03:1c:e2
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

19/04/2010, 00:00

Not After

18/04/2012, 23:59

Subject

CN=Safe Decision\, Inc,O=Safe Decision\, Inc,POSTALCODE=19958,STREET=16192 Coastal Highway,L=Lewes,ST=Delaware,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA
PathFindFileNameA
SHDeleteKeyA
SHDeleteValueA
SHGetValueA
StrCmpIW
PathFindFileNameW

kernel32

HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleW
CreateDirectoryA
GetLastError
LoadLibraryA
GetTempPathA
GetTickCount
VirtualFree
GetModuleFileNameW
CopyFileA
GetModuleFileNameA
GetCurrentProcessId
DeleteFileA
ExitProcess
FindResourceW
LoadResource
SizeofResource
LockResource
CreateThread
InitializeCriticalSection
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
CreateFileA
GetFileSize
SetFilePointer
WriteFile
OpenProcess
WideCharToMultiByte
HeapCreate
ReadFile
CreateFileW
MultiByteToWideChar
VirtualAlloc
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
CreateMutexW
MoveFileExA
FindFirstFileA
RemoveDirectoryA
FindClose
FindNextFileA
MapViewOfFile
SetEvent
OpenEventA
OpenFileMappingA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
RtlUnwind
FreeEnvironmentStringsA
QueryPerformanceCounter
TerminateProcess
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
HeapReAlloc
GetConsoleMode
GetCPInfo
GetStdHandle
LocalAlloc
FreeLibrary
InterlockedExchange
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
GetConsoleCP

user32

RegisterClassExW
MessageBoxA
DefWindowProcW
TranslateMessage
DispatchMessageW
PostMessageW
LoadCursorW
GetMessageW
LoadIconW
ShowWindow
CreateWindowExW
GetSystemMetrics
GetWindowRect
PostQuitMessage

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHChangeNotify

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.easydl
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ed
Size: 808KB - Virtual size: 806KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.html
Size: 924KB - Virtual size: 921KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ico
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cloud
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t1
Size: 868KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a134e5d855791d6a2349b03590a8bbc

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

6d:c4:f2:ad:b6:c0:1e:b5:af:c0:87:b8:75:03:1c:e2Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 21KB

.easydl Size: 1.8MB - Virtual size: 1.8MB

.ed Size: 808KB - Virtual size: 806KB

.html Size: 924KB - Virtual size: 921KB

.ico Size: 100KB - Virtual size: 99KB

.cloud Size: 4KB - Virtual size: 3KB

.t1 Size: 868KB - Virtual size: 864KB

.rsrc Size: 248KB - Virtual size: 245KB

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

6d:c4:f2:ad:b6:c0:1e:b5:af:c0:87:b8:75:03:1c:e2
Certificate

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 21KB

.easydl
Size: 1.8MB - Virtual size: 1.8MB

.ed
Size: 808KB - Virtual size: 806KB

.html
Size: 924KB - Virtual size: 921KB

.ico
Size: 100KB - Virtual size: 99KB

.cloud
Size: 4KB - Virtual size: 3KB

.t1
Size: 868KB - Virtual size: 864KB

.rsrc
Size: 248KB - Virtual size: 245KB