2c4a622558eb45c54c1f8f4d0036c009_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4a622558eb45c54c1f8f4d0036c009_JaffaCakes118
Size

308KB
MD5

2c4a622558eb45c54c1f8f4d0036c009
SHA1

1921879d75075ece466677a48789f767c48b5083
SHA256

6ecf9adf6226faa8e34c3c87db1e33e43ce345e0567b1ed551e0e366e846e3cb
SHA512

0426ed9e644a52f8f1d01780d62a9dc0f53a8052b44cbead530ceed769cce14c1c63a00c019fc1c4ad6288adfe0e5dd63ba41ff94b2e75704ea380ce8f9254d2
SSDEEP

6144:hat9guK7K47+46NvC24o3VO7fy9JTXRCFZL4w9rG8FzaY+ScUe:8yHK47+M2VmZp9rp6ScUe

Score

1^/10

Malware Config

Signatures

Files

2c4a622558eb45c54c1f8f4d0036c009_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

Issuer

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Not Before

16/01/2013, 04:43

Not After

31/12/2039, 23:59

Subject

CN=ydCtq IAf2hhJwMuxHto9zrzpyom5 ma3oBjHMm7BozBy59rizrHDoctbal1Le7MeFMID7n9Cyyus1grng gi18AFdgLKsJ2axKujmv3rbGafAFEGDzlt6jFJpwqxe7nLzGqz9joAjElLEtvfhilBewt8EfjdHqKDHsbFLGduIKyDtkguoxGjsnl5ntHLqq8uKy8Kd8xM3meid6ipK9 lMp4wFb1bfJFJ68mkbCqlghMm2HevnxfhziKbkfdBHpg3x v9JlCdexaHzh78bDiEzsaq8hjst5wEuJCgGKh3vuB49vMaxjDD4oD1Leq7sEckaH1HLEiM9521G u3uw8ovm9KumBh4Gvxp9EMt5B9Lg31DI68jHnf9ylbFt1LI1tyKExfqahmFsAcq 1D5fEEdfpv56wIf4MpMgg5b2HsvjAlrFr2hmr3qhdI72fwd72ggIjz B IwGdF9I2 7A8jk1LvteG9 nCp2DGu8MCGdbarpsJl5zti1g9dB4IvMGzqMJh8m2svaC3Gh6zhaEG5g8nenGidEEMI8DClC8jK127fja8ArtlsGELIKdt9mr8Etop 6wfHvmDyv9au9qwG5hrdqBbdn7pdw dulHrHbhwgKEu96gkjrfno1Lu3KDLB EhmaIuBiKB9Budqm bgMeFxie3mtBKl28wEvrbwmA94ctvikvie1sx6sHtF uEIGF6tcKndjcMHH5nm8M8iagFME3x8d2zsemgFrqwIuAhkxC2BqzudwwJFBDlC6HjujlkBIcjrJiyLb36aw3akMsL I2GG6MmK81Fpr3sakcegA2ezCfE58Czn1nqlqsxb4qFvnmh4qzDsHhBI5xea9xrpwCtGLxFHyhB5sqacFdnbCBDbDu kj4Faq3wH45JyLMcpa8rF9Kc 68D8gyCw14Kd2kmtLu7ih64EshBL adeMcshjKG5dcJaztmH dE y6 7s 5uIwtnGKa51rnbkFlD7MdCI9lEi855JawFucK7n5he5EaJplvGF7KxwAJ8BlczDEJxDrqAg5sMik 949pkrFFxlHcen21jApGfc8ELkDusvj89ncBsGCqmMdKnf h1qJnazhpFlnkCMjGoroFuww6qt4ded1 wernab7rLFvCnGuFKEECI479oaMdGt46Hw2jwAHkFzLrywFJe3lLKkLb pdAy7pbD FwkmoBhADo25oMksvIl49Fk9JbrKE5kh 8 4ezwDkgh2o6GJ6pIvaawvLbt7eEhHb7Jip7yL 1wJjf3Cnb8GDcgAEaf5F99LHopBCeJsfsmAfnJxgbEtBiK wsxf3MKq77F6cnxex5ByK81ukzfKrh6rf bB5abFcaguxtKckuDat1cJEBEHG1M2mAF6aFeoM iflmeiIe92H8hi3nDIovEj9ryl5hqq r5ilqBi1eqE971qq7viw8MKy4grenM2A54whCDBpcdFG5Kun95lL9pwb6sqEkovHsCl1rf19 FghtisDrBbj5BoIGwFb62rj5qg4z3Lxdf2jxMb78FLplkGcCeL8Ee5b2akurjw hFuqMmhFMsClJ717byj1ClvcycME6JpAk2v ADs55q79Ef2jwyvgfsJhJnpvBCAh8q8ph2o2jpjl73ftbsMEfId2zLx5EDGGe 7DsvryutqdDfmrIM488pEBaah3zd diFq9htJ2hizpqEMrq9r4vbMyuBxmm9kkBpamHvpivE1DLEhaDvDm52pEEiJtcDjbJrt2828Mwb4hbn2iH5Gehxwey7uy43u1E67vmEha3MoC3rJcrlHr2pJGGkmHmk ydCtq

Extended Key Usages

ExtKeyUsageCodeSigning

cf:f7:e0:83:4c:6a:00:3a:06:2b:8d:76:3e:51:af:10:71:78:40:7e
Signer

Actual PE Digest

cf:f7:e0:83:4c:6a:00:3a:06:2b:8d:76:3e:51:af:10:71:78:40:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
ReadFile
CloseHandle
CreateThread
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
LocalAlloc
LocalFree
SetCurrentDirectoryA
SetErrorMode
SetFilePointer
FormatMessageA
VirtualAlloc

user32

LoadIconW
RegisterClassExA
LoadCursorA
LoadIconA

gdi32

GetStockObject

msvcrt

memset
_XcptFilter
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_ltow
_wcslwr
_wfopen
_wfullpath
_wsplitpath
exit
fclose
floor
fwprintf
swprintf
wcsncpy
wcsstr

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b07948b651944f424c7a08c8b785db

Code Sign

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7Certificate

Extended Key Usages

cf:f7:e0:83:4c:6a:00:3a:06:2b:8d:76:3e:51:af:10:71:78:40:7eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 2KB - Virtual size: 2KB

22:9d:e5:30:05:bc:54:8f:47:57:37:d0:8e:c8:c9:a7
Certificate

cf:f7:e0:83:4c:6a:00:3a:06:2b:8d:76:3e:51:af:10:71:78:40:7e
Signer

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 2KB - Virtual size: 2KB