1c58ffcced145f36c3d0b1d3b5105eae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c58ffcced145f36c3d0b1d3b5105eae_JaffaCakes118
Size

190KB
MD5

1c58ffcced145f36c3d0b1d3b5105eae
SHA1

77c6149b23f4a9ffe1b04ce705815e88b43cd161
SHA256

c30cf89181269dcd69d56058cac8bfc138051920dfb79e25b07c856ae26a38ff
SHA512

e058f2f68e62416944e774293df52ae8614ccb84f82efbddbd020f48bfa631980d84bb3fd9935a7a3ba44c599d97ee26eb936890e01f4491b372cf3fa4d9b381
SSDEEP

3072:HFVTw5u66hpacNMlkAii7HpB7Q42oRgygAa9BjPmBzoO8ra:HFAu6xcNMlkkyH9Rmma

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

1c58ffcced145f36c3d0b1d3b5105eae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

23/10/2009, 00:00

Not After

22/10/2012, 23:59

Subject

CN=Net Transmit & Receive SL,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Net Transmit & Receive SL,L=Barcelona,ST=Barcelona,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Data
Event
Start
Stop

Sections

NTR0
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NTR1
Size: 182KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4cCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Exports

Exports

Sections

NTR0 Size: - Virtual size: 328KB

NTR1 Size: 182KB - Virtual size: 184KB

.rsrc Size: 4KB - Virtual size: 8KB

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4c
Certificate

NTR0
Size: - Virtual size: 328KB

NTR1
Size: 182KB - Virtual size: 184KB

.rsrc
Size: 4KB - Virtual size: 8KB