417113098f2d1bb5a5ca025554b03163_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

417113098f2d1bb5a5ca025554b03163_JaffaCakes118
Size

839KB
MD5

417113098f2d1bb5a5ca025554b03163
SHA1

e4e5de2e5a4885ce9ea52ab41de691d4fcee3bcf
SHA256

cd4963912520ed428a041882ee7a8121d95fc342fbf54287068b08c1f49eeeae
SHA512

fd28e2e28809d2e1d80b58401eb118f03a230e0c1109a6c51b6a05d323f92f9cf1fbb49699b5ea7be0be2f7ed5f6a5ef3457789712c6562d592c8302b812bdf6
SSDEEP

24576:jPjgd5+5UwDruaIlAIWMA+ud+uU+uH+uA+ue+u6+uS+uue474TE8u+u6+unwQ9E6:jPjGc5truBlAIWMjPw9gquavee4TE8px

Score

1^/10

Malware Config

Signatures

Files

417113098f2d1bb5a5ca025554b03163_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01af703695327275aaf87f5bd7e81585

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

23/10/2009, 00:00

Not After

22/10/2012, 23:59

Subject

CN=Net Transmit & Receive SL,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Net Transmit & Receive SL,L=Barcelona,ST=Barcelona,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
ReleaseMutex
CreateMutexA
ReadFile
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
SetCurrentDirectoryA
EnumResourceNamesA
CreateThread
GetTickCount
WaitForSingleObject
DeleteFileA
GetModuleHandleA
GetVersion
CreateFileA
WriteFile
CloseHandle
GetSystemDirectoryA
GetVolumeInformationA
GetVersionExA
GetCurrentProcess
lstrcmpA
TerminateThread
SetFileAttributesA
CopyFileA
lstrcpyA
lstrcpynA
CreateDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentDirectoryA
CreateFileW
GetTempPathA
LocalFree
LocalAlloc
GetCurrentThread
HeapAlloc
GetProcessHeap
EnumResourceTypesA
SetEvent
CreateEventA
TerminateProcess
LoadLibraryW
CreateProcessA
CreateProcessW
OpenProcess
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
RtlUnwind
HeapFree
HeapReAlloc
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
GetFileAttributesA
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
HeapSize
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
GetLocaleInfoW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
lstrcatA
GetModuleFileNameA
lstrlenW
lstrlenA
Sleep
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalFree

user32

EndPaint
MessageBoxA
PostMessageA
PostThreadMessageA
GetDesktopWindow
ShowWindow
wvsprintfA
wsprintfA
GetForegroundWindow
GetSystemMetrics
DialogBoxParamA
GetDlgItemTextA
EndDialog
SetFocus
SetDlgItemTextA
SetWindowTextA
LoadIconA
SendMessageA
LoadBitmapA
BeginPaint
GetDlgItem
GetMessageA

gdi32

BitBlt
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
GetObjectA

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
FreeSid
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
CloseServiceHandle
OpenSCManagerA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
RegSetValueExA
LookupAccountNameA
CryptHashData
CryptCreateHash
CryptAcquireContextA
CreateProcessAsUserW
CreateProcessAsUserA
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

ShellExecuteExA
ShellExecuteA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ole32

CoTaskMemFree

ws2_32

WSAGetLastError
socket
closesocket
inet_addr
WSAIoctl
ntohl
gethostbyname

Sections

.text
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01af703695327275aaf87f5bd7e81585

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4cCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

version

ole32

ws2_32

Sections

.text Size: 360KB - Virtual size: 357KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 112KB - Virtual size: 120KB

.rsrc Size: 248KB - Virtual size: 245KB

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

14:1f:4a:c0:fb:2b:4a:49:93:0f:c1:97:53:ae:e0:4c
Certificate

.text
Size: 360KB - Virtual size: 357KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 112KB - Virtual size: 120KB

.rsrc
Size: 248KB - Virtual size: 245KB