3eb121fa5647244a8ee15870348aa782_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3eb121fa5647244a8ee15870348aa782_JaffaCakes118
Size

111KB
MD5

3eb121fa5647244a8ee15870348aa782
SHA1

aa83ff3d567b6a687d671b0e7cfd4b95f39b5a89
SHA256

1d80d0ed5a5aa3fdf0c797d68b986a42509e31e053562c7bb125b6d35fffa2d7
SHA512

44c0ef52f4b91294ecfe53ad773f8352860581916a7bd248c2e4612b3eba74c6ae0f504d0799bcb3e0cc6938fc2422c5cecd0b6c90c67a34c57f6ca85ea937d0
SSDEEP

1536:IrBIJYehaEJJJW/1H1d13xxgp/pBlup4gVr74HG0C8nyfX/u6:S4aEJCWxSmgVH4HG0C8nyfXW6

Score

1^/10

Malware Config

Signatures

Files

3eb121fa5647244a8ee15870348aa782_JaffaCakes118
.exe windows:4 windows x86 arch:x86

677c7a5d7c6b1e44cb3ffcd25d8c287a

Code Sign

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2
Certificate

Issuer

CN=Root Agency

Not Before

01/03/2012, 19:48

Not After

31/12/2039, 23:59

Subject

CN=j2se.java.com

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bb:d0:01:4d:29:54:b7:6f:ad:9c:1f:76:9a:2c:23:70:24:1f:7f:d9
Signer

Actual PE Digest

bb:d0:01:4d:29:54:b7:6f:ad:9c:1f:76:9a:2c:23:70:24:1f:7f:d9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
LocalFree
LoadLibraryA
LocalAlloc
CreateMutexA
WaitForSingleObject
VirtualProtect
CreateThread
LockResource
LoadResource
GetProcAddress
HeapFree
GetProcessHeap
VirtualProtectEx
VirtualAllocEx
GetCurrentProcess
ExitProcess
GetModuleHandleA
CloseHandle
CreateEventA
HeapAlloc
FindResourceA
CreateFileA
InterlockedExchange
RtlUnwind
VirtualQuery

advapi32

GetUserNameA

user32

wsprintfA
GetActiveWindow
CreateDialogParamA
GetSystemMetrics
FindWindowA
GetWindow

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677c7a5d7c6b1e44cb3ffcd25d8c287a

Code Sign

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

bb:d0:01:4d:29:54:b7:6f:ad:9c:1f:76:9a:2c:23:70:24:1f:7f:d9Signer

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 116B

.rsrc Size: 48KB - Virtual size: 45KB

.reloc Size: 4KB - Virtual size: 4KB

42:46:9f:62:f8:41:3f:4e:bf:ce:ee:2e:dd:a8:7f:b2
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

bb:d0:01:4d:29:54:b7:6f:ad:9c:1f:76:9a:2c:23:70:24:1f:7f:d9
Signer

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 116B

.rsrc
Size: 48KB - Virtual size: 45KB

.reloc
Size: 4KB - Virtual size: 4KB