3e88286d6257d312ea03a808641ef063_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3e88286d6257d312ea03a808641ef063_JaffaCakes118
Size

38KB
MD5

3e88286d6257d312ea03a808641ef063
SHA1

e3ee8eb1c7cc10d62d0ca2bc7e10fef378baf055
SHA256

779b14247a3e3e1b1ef4191aace7c9f0d42f93e40d9f93c2a3580c11b25f73f7
SHA512

b4b19692dc9cef9ac86d2f1f6dbdb11c3200d9ca2d35589421adb66a925dfeca14b023036e959ed041830611e5cfd0708989404820115b91dbaf667285dc2a61
SSDEEP

768:aLxA5paneW2fm+JOrQp3OsEM2ZeY3rQJOQTJn3g/jbqmq2FmEVWFa9+otj6W:aYpangPdBOrPl3r0J3gHWFa9+gjf

Score

1^/10

Malware Config

Signatures

Files

3e88286d6257d312ea03a808641ef063_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e9b8f6bdd930da50030a9354243ccfd

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

12-12-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1c:b6:51:9b:25:28:d0:06:d1:da:98:71:53:da:d2:b3
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001-4 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

04-02-2002 00:00

Not After

05-02-2003 23:59

Subject

CN=D and D Internet Services,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=D and D Internet Services,L=Medemblik,ST=NH,C=NL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetVersionExA
DeleteFileA
GetTempPathA
GlobalFree
GetModuleHandleA
lstrcatA
lstrcpyA
Sleep
FreeLibrary
GetModuleFileNameA
LoadLibraryA
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
CopyFileA
lstrcmpiA
lstrcmpA
CloseHandle
LCMapStringA
GetStringTypeW
GetStringTypeA
VirtualAlloc
HeapAlloc
HeapFree
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
LCMapStringW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess

user32

ShowWindow
MessageBoxA
SetWindowTextA
SetForegroundWindow
IsIconic
IsWindowVisible
PostQuitMessage
SendMessageA
PostMessageA
KillTimer
MessageBeep
DialogBoxParamA
DefWindowProcA
GetDlgItem
SendDlgItemMessageA
EndDialog
SetDlgItemTextA
GetSystemMetrics
CreateWindowExA
LoadCursorA
RegisterClassA
FindWindowA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
EnumWindows
GetWindowTextA
CloseWindow
SetTimer
EnableWindow
wsprintfA
DestroyWindow
UpdateWindow
LoadStringA
GetSysColor

gdi32

DeleteObject
SetTextColor
CreateFontA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA
Shell_NotifyIconA
FindExecutableA

Sections

.text
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WWP32
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e9b8f6bdd930da50030a9354243ccfd

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

1c:b6:51:9b:25:28:d0:06:d1:da:98:71:53:da:d2:b3Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 17KB - Virtual size: 29KB

.rdata Size: 1024B - Virtual size: 1KB

.data Size: 2KB - Virtual size: 17KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.WWP32 Size: 1024B - Virtual size: 786B

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

4a:29:3e:9d:1d:8c:40:7f:17:49:ff:7d:61:5f:8e:75
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

1c:b6:51:9b:25:28:d0:06:d1:da:98:71:53:da:d2:b3
Certificate

.text
Size: 17KB - Virtual size: 29KB

.rdata
Size: 1024B - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 17KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.WWP32
Size: 1024B - Virtual size: 786B