24e312dbd516844c619b23ccb0198e6c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24e312dbd516844c619b23ccb0198e6c_JaffaCakes118
Size

308KB
MD5

24e312dbd516844c619b23ccb0198e6c
SHA1

54f7289bb6f12ae2761dba09d00b0efff54232cf
SHA256

6e82c9d00e3e7d0c626d50b2369ce8dedeeed70dfa113f26936da674bdf54319
SHA512

4a9339c3ff63267aeaaaec5bd4cccac961d38175edae6f375277020c9ca0ba553ed1e38b931b63f2fd01c2d7cf76ef10330809ee454a2b817c208b4d26a5f380
SSDEEP

6144:Dnt9xuK7K47+46NvC24o3VO7fy9JTTJGCFZL4w9rG8FzaxScUd:xXHK47+M2BGmZp9rpIScUd

Score

1^/10

Malware Config

Signatures

Files

24e312dbd516844c619b23ccb0198e6c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

Issuer

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Not Before

16/01/2013, 04:43

Not After

31/12/2039, 23:59

Subject

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Extended Key Usages

ExtKeyUsageCodeSigning

6d:5e:e1:f4:85:b9:7c:89:f4:62:b8:0d:df:24:b7:06:1a:9d:97:33
Signer

Actual PE Digest

6d:5e:e1:f4:85:b9:7c:89:f4:62:b8:0d:df:24:b7:06:1a:9d:97:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
ReadFile
CloseHandle
CreateThread
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
LocalAlloc
LocalFree
SetCurrentDirectoryA
SetErrorMode
SetFilePointer
FormatMessageA
VirtualAlloc

user32

LoadIconW
RegisterClassExA
LoadCursorA
LoadIconA

gdi32

GetStockObject

msvcrt

memset
_XcptFilter
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_ltow
_wcslwr
_wfopen
_wfullpath
_wsplitpath
exit
fclose
floor
fwprintf
swprintf
wcsncpy
wcsstr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7Certificate

Extended Key Usages

6d:5e:e1:f4:85:b9:7c:89:f4:62:b8:0d:df:24:b7:06:1a:9d:97:33Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 2KB - Virtual size: 2KB

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

6d:5e:e1:f4:85:b9:7c:89:f4:62:b8:0d:df:24:b7:06:1a:9d:97:33
Signer

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 2KB - Virtual size: 2KB