3d0bd5d430364843dc2acc7c1b7ff4c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d0bd5d430364843dc2acc7c1b7ff4c4_JaffaCakes118
Size

118KB
MD5

3d0bd5d430364843dc2acc7c1b7ff4c4
SHA1

2b2136adfdb6ce8b41a82cf84e59cc2c22ba7961
SHA256

dfcbadc27cf046d78881f52650f7fb99e9c9985b700e114e9c59d6204c53d138
SHA512

586372ecf4f59d4948b96d2cd26cda261a2f16d8ac43e11af9193fa20b3f27d6b8d74b9a97078326c9c48e02a0350b76bdcae0993b0b4b53807d83b7b63a40ab
SSDEEP

3072:cn1Z6JG6xHyU2D54gvRbDEJkG+Gt1Pyd5zIDZeoVxAJg:cnXcG6gU2DHZ/EZ+myd5z3oVKe

Score

1^/10

Malware Config

Signatures

Files

3d0bd5d430364843dc2acc7c1b7ff4c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f0389f42ca92d00092fd9cc42e0d7da

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f4:39:27:05:f6:80:95:39:d0:1c:c9:00:1d:e0:de:6d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

07/04/2010, 00:00

Not After

06/04/2013, 23:59

Subject

CN=Link Data Security A/S,O=Link Data Security A/S,POSTALCODE=1620,STREET=Vesterbrogade 51,L=København V,ST=Copenhagen,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:f5:e0:1d:46:9a:af:60:97:9d:5f:7c:1f:8c:9a:83:80:79:11:3a
Signer

Actual PE Digest

2b:f5:e0:1d:46:9a:af:60:97:9d:5f:7c:1f:8c:9a:83:80:79:11:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
DeleteFileA
DuplicateHandle
ExitProcess
GetBinaryTypeA
GetCommandLineA
GetCurrentProcess
GetDriveTypeA
GetFileAttributesA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetTickCount
CreateProcessA
GlobalAlloc
GlobalFree
OpenProcess
ReadFile
ResumeThread
SetEvent
SetFilePointer
SetLastError
TerminateProcess
WaitForSingleObject
WriteProcessMemory
HeapAlloc
RaiseException
CreatePipe
CreateFileA
LoadLibraryA
CreateEventA
GetVolumeInformationA
CloseHandle
VirtualAlloc
VirtualFree
HeapFree
WriteFile
GetTempFileNameA
GetTempPathA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryA
ExpandEnvironmentStringsA
GetThreadContext
SetThreadContext
GetVersionExA
GetProcAddress
HeapCreate

user32

TranslateMessage
SendMessageA
RegisterClassA
PostMessageA
PeekMessageA
GetMessageA
DispatchMessageA
CreateWindowExA
DefWindowProcA
MessageBoxA

advapi32

RegCloseKey
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA

ole32

CoTaskMemFree

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f0389f42ca92d00092fd9cc42e0d7da

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

f4:39:27:05:f6:80:95:39:d0:1c:c9:00:1d:e0:de:6dCertificate

Extended Key Usages

Key Usages

2b:f5:e0:1d:46:9a:af:60:97:9d:5f:7c:1f:8c:9a:83:80:79:11:3aSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 72KB - Virtual size: 77KB

.rsrc Size: 24KB - Virtual size: 24KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

f4:39:27:05:f6:80:95:39:d0:1c:c9:00:1d:e0:de:6d
Certificate

2b:f5:e0:1d:46:9a:af:60:97:9d:5f:7c:1f:8c:9a:83:80:79:11:3a
Signer

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 72KB - Virtual size: 77KB

.rsrc
Size: 24KB - Virtual size: 24KB