2cd68efcb322962f1ba0199e1f15d124_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cd68efcb322962f1ba0199e1f15d124_JaffaCakes118
Size

35KB
MD5

2cd68efcb322962f1ba0199e1f15d124
SHA1

076841dc0f1fb9c1c247de2c08347c6949283046
SHA256

b9d301079e97db7718dd6a389b670dc355e784d18b6ee60f4ee3f9b4f10b2e23
SHA512

3bb409e84c40b1f411ec7fb6b80ecb8ba15fb3e06616054f6317c86f82e635fe2c9829bf6a4dd878475fcc95e3d3838ac2d797eb14c2ade4dc4747907ee0b450
SSDEEP

768:DxuZr1z57VhPjLz/F5lzLJmapRhfraGhz1L40nnXLQ:lwrFJVhPjLzzxVpmGhz1U0nnXLQ

Score

1^/10

Malware Config

Signatures

Files

2cd68efcb322962f1ba0199e1f15d124_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2dd0dc6ac8ce3a1703e7576b407f2a05

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:fd:b3
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

31/03/2004, 07:26

Not After

26/03/2005, 09:45

Subject

CN=VIDACO Handels- und Beratungs GmbH,OU=Secure Application Development,O=VIDACO Handels- und Beratungs GmbH,L=Wien,ST=Wien,C=AT

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

IsWindowVisible

gdi32

SetBkColor

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CoCreateInstance

oleaut32

SystemTimeToVariantTime

rasapi32

RasEnumDevicesA

Sections

pec1
Size: 21KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dd0dc6ac8ce3a1703e7576b407f2a05

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

3d:fd:b3Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

rasapi32

Sections

pec1 Size: 21KB - Virtual size: 52KB

.rsrc Size: 7KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 4KB

01
Certificate

0a
Certificate

3d:fd:b3
Certificate

pec1
Size: 21KB - Virtual size: 52KB

.rsrc
Size: 7KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 4KB